Security Risk Category
malicious-extension Security Risks
Published vulnerability pages connected to malicious-extension. One risk can appear in multiple categories while keeping one canonical page.
malicious-extension risks
Showing 2 of 2 published risks.
mediumEPSS 0.001
Google Chrome Extensions API Integer Overflow Out-of-Bounds Read Vulnerability
Integer overflow in Extensions API in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension. (Chromium security severity: High)
CVE-2026-15108chromechromiumbrowserextensions-api
Updated Jul 10, 2026
highEPSS 0.001
Google Chrome Extensions Use-After-Free Heap Corruption Vulnerability
Use after free in Extensions in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)
CVE-2026-15110chromechromiumbrowserextensions
Updated Jul 10, 2026
