Microsoft Security Response Center Blog Alerts

Chromium: CVE-2026-6304 Use after free in Graphite

Published April 19, 2026

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-6303 Use after free in Codecs

Published April 19, 2026

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-6302 Use after free in Video

Published April 19, 2026

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-6301 Type Confusion in Turbofan

Published April 19, 2026

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-6300 Use after free in CSS

Published April 19, 2026

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-6299 Use after free in Prerender

Published April 19, 2026

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-6298 Heap buffer overflow in Skia

Published April 19, 2026

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

CVE-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()

Published April 19, 2026

Information published.

CVE-2026-6100 Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure

Published April 19, 2026

Information published.

CVE-2026-5160

Published April 19, 2026

Information published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

AbuseIPDB Contributor Badge

© 2026, Network Services Group |  216.73.217.116
Contributor,  Detroit Internet Exchange