DSA-6364-1 chromium - security update
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. https://security-tracker.debian.org/tracker/DSA-6364-1
CSIRTS triage
- What
- Security issues in Chromium could allow execution of arbitrary code, denial of service, or information disclosure.
- Who is affected
- Deployments of Chromium are affected.
- Urgency
- Remediation is necessary due to the potential for serious security vulnerabilities.
- Action
- Apply the latest security update for Chromium.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch Chromium
Get an email when a new Chromium advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://lists.debian.org/debian-security-announce/2026/msg00275.html
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2026-130210.14% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 4% of all scored CVEs.
- Low exploitation riskCVE-2026-130220.14% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 4% of all scored CVEs.
- Low exploitation riskCVE-2026-130230.19% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 8% of all scored CVEs.
- Low exploitation riskCVE-2026-130240.15% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 4% of all scored CVEs.
- Low exploitation riskCVE-2026-130250.18% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 8% of all scored CVEs.
- Low exploitation riskCVE-2026-130260.19% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 9% of all scored CVEs.
- Low exploitation riskCVE-2026-130270.19% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 9% of all scored CVEs.
- Low exploitation riskCVE-2026-130280.22% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 12% of all scored CVEs.
- Low exploitation riskCVE-2026-130290.15% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 5% of all scored CVEs.
- Low exploitation riskCVE-2026-130300.19% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 8% of all scored CVEs.
Referenced CVEs
Same CVEs, other sources
How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.
- unknownMultiple vulnerabilities in Microsoft Edge (June 29, 2026)cert-fr-avis
- unknownGoogle Chrome Multiple Vulnerabilitieshkcert
- unknownMultiple vulnerabilities in Google Chrome (June 25, 2026)cert-fr-avis
- unknownCVE-2026-13034: Chromium: CVE-2026-13034 Inappropriate implementation in Passwordsmsrc
- unknownCVE-2026-13033: Chromium: CVE-2026-13033 Out of bounds read in Blink>InterestGroupsmsrc
- unknownCVE-2026-13031: Chromium: CVE-2026-13031 Use after free in Blinkmsrc
- unknownCVE-2026-13029: Chromium: CVE-2026-13029 Use after free in Web Authenticationmsrc
- unknownCVE-2026-13027: Chromium: CVE-2026-13027 Use after free in FileSystemmsrc
- unknownCVE-2026-13026: Chromium: CVE-2026-13026 Use after free in Digital Credentialsmsrc
- unknownCVE-2026-13025: Chromium: CVE-2026-13025 Insufficient validation of untrusted input in DevToolsmsrc
- unknownCVE-2026-13024: Chromium: CVE-2026-13024 Insufficient validation of untrusted input in Navigationmsrc
- unknownCVE-2026-13023: Chromium: CVE-2026-13023 Uninitialized Use in GPUmsrc
More from Debian Security Advisories
- unknownDSA-6386-1 opam - security update2026-07-10
- unknownDSA-6384-1 chromium - security update2026-07-08
- unknownDSA-6385-1 pgextwlist - security update2026-07-08
- unknownDSA-6382-1 postfix - security update2026-07-07
- unknownDSA-6383-1 imagemagick - security update2026-07-07