Chromium is an open-source web browser, powered by WebKit (Blink).
Update Information:
Update to 148.0.7778.167 CVE-2026-8509: Heap buffer overflow in WebML CVE-2026-8510: Integer overflow in Skia CVE-2026-8511: Use after free in UI CVE-2026-8512: Use after free in FileSystem CVE-2026-8513: Use after free in Input CVE-2026-8514: Use after free in Aura CVE-2026-8515: Use after free in HID CVE-2026-8516: Insufficient validation of untrusted input in DataTransfer CVE-2026-8517: Object lifecycle issue in WebShare CVE-2026-8518: Use after free in Blink CVE-2026-8519: Integer overflow in ANGLE CVE-2026-8520: Race in Payments CVE-2026-8521: Use after free in Tab Groups CVE-2026-8522: Use after free in Downloads CVE-2026-8523: Use after free in Mojo CVE-2026-8558: Out of bounds write in Fonts CVE-2026-8524: Out of bounds write in WebAudio CVE-2026-8525: Heap buffer overflow in ANGLE CVE-2026-8526: Out of bounds write in WebRTC CVE-2026-8527: Insufficient validation of untrusted input in Downloads CVE-2026-8528: Insufficient validation of untrusted input i...
* Wed May 13 2026 Than Ngo
[ 1 ] Bug #2468370 - CVE-2026-7896 CVE-2026-7897 CVE-2026-7898 CVE-2026-7899 CVE-2026-7900 CVE-2026-7901 CVE-2026-7902 CVE-2026-7903 CVE-2026-7904 CVE-2026-7905 CVE-2026-7906 CVE-2026-7907 CVE-2026-7908 CVE-2026-7909 CVE-2026-7910 ... chromium: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2468370
[ 2 ] Bug #2477796 - CVE-2026-8509 CVE-2026-8510 CVE-2026-8511 CVE-2026-8512 CVE-2026-8513 CVE-2026-8514 CVE-2026-8515 CVE-2026-8516 CVE-2026-8517 CVE-2026-8518 CVE-2026-8519 CVE-2026-8520 CVE-2026-8521 CVE-2026-8522 CVE-2026-8523 ... chromium: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2477796
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-885a3f8c70' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
Get the latest Linux and open source security news straight to your inbox.