CVE-2026-7337High
ANC
ANC
Anchore Vulnerability Database overrides
Supplementary feed layered on top of upstream sources. Anchore maintainers publish override records to suppress known false positives and fill CPE/PURL gaps that would otherwise cause Grype and similar scanners to mis-report a system.
Region
US
Updates
6 ч
License
Apache-2.0
Curated corrections to the Anchore/Grype vulnerability database: false-positive suppressions, missing CPE mappings and distro-specific backport fixes.
https://github.com/anchore/grype-db →Share link
Anyone with the link can open this vulnerability.
Type Confusion in V8 in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a cr…
CVSS
8.8
High
EPSS
0.00
p14
Published
2026-01-01
Updated
2026-01-01
Description
Type Confusion in V8 in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Tags · CWE
Pre-auth
CWE-843
CWE-843BaseIncomplete
Access of Resource Using Incompatible Type ('Type Confusion')
The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.
https://cwe.mitre.org/data/definitions/843.html →Open in CWE collection →Affected products
ChromiumChromiumChrome
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Timeline
2026-01-01
Published
2026-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: R
Required (R)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: H
High (H)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.000 · p14
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected software
| Product | Vendor | Status |
|---|---|---|
| Tracked | ||
| chromium | Tracked | |
| chromium | Tracked | |
| chrome | * | Tracked |
Source databases
ANC
ANC
Anchore Vulnerability Database overrides
Supplementary feed layered on top of upstream sources. Anchore maintainers publish override records to suppress known false positives and fill CPE/PURL gaps that would otherwise cause Grype and similar scanners to mis-report a system.
Region
US
Updates
6 ч
License
Apache-2.0
Curated corrections to the Anchore/Grype vulnerability database: false-positive suppressions, missing CPE mappings and distro-specific backport fixes.
https://github.com/anchore/grype-db →DEB
DEB
Debian Security Advisories (DSA)
DSAs are published by the Debian Security Team for issues affecting the stable distribution. The downstream tracker (security-tracker.debian.org) additionally maps every CVE to its package-level status across all supported suites.
Region
Intl.
Updates
1 ч
License
Public Domain
Advisories covering the Debian stable and oldstable releases. Ship notes include the exact .deb version that remediates each issue.
https://www.debian.org/security/ →CVE
CVE
National Vulnerability Database
NVD is the U.S. government repository of standards-based vulnerability management data, built on top of the MITRE CVE list. Every record includes CPE applicability statements, CVSS v2 and v3.x base scores, CWE mappings and cross-references to advisories.
Region
US
Updates
15 min
License
Public Domain
Comprehensive catalog of publicly disclosed vulnerabilities with CPE matches, CVSS scoring and reference URLs. De-facto standard for cross-vendor correlation.
https://nvd.nist.gov →Related vulnerabilities
External references
https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_28.html@https://crbug.com/503889643@https://crbug.com/500767595@https://crbug.com/500880819@https://crbug.com/501722605@https://crbug.com/502206907@https://crbug.com/502248774@https://crbug.com/502449857@https://crbug.com/504586599@https://crbug.com/500104917@https://crbug.com/493957495@https://crbug.com/497896137@https://crbug.com/498285711@https://crbug.com/500387779@https://crbug.com/500034684@https://crbug.com/494352590@https://crbug.com/496285281@https://crbug.com/493221953@https://crbug.com/503419515@https://crbug.com/503645680@https://crbug.com/493955227@https://crbug.com/495852034@https://crbug.com/496284494@https://crbug.com/496456528@https://crbug.com/500018484@https://crbug.com/497047552@https://crbug.com/497769116@https://crbug.com/498746519@https://crbug.com/498809718@https://crbug.com/499023054@https://crbug.com/499119490https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_28.html@https://issues.chromium.org/issues/500880819