Alpine: multiple qt6-qtwebengine packages: security update to 6.10.3-r1

high Tenable Cloud Security Plugin ID 441758

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute
arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
(CVE-2026-5883)

- Use after free in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute
arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
(CVE-2026-5860)

- Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute
arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
(CVE-2026-5861)

- Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute
arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
(CVE-2026-5865)

- Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute
arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
(CVE-2026-5866)

Solution

Update the qt6-qtwebengine library and its related packages to version 6.10.3-r1 or later.

See Also

https://security.alpinelinux.org/vuln/CVE-2026-5860

https://security.alpinelinux.org/vuln/CVE-2026-5861

https://security.alpinelinux.org/vuln/CVE-2026-5865

https://security.alpinelinux.org/vuln/CVE-2026-5866

https://security.alpinelinux.org/vuln/CVE-2026-5868

https://security.alpinelinux.org/vuln/CVE-2026-5870

https://security.alpinelinux.org/vuln/CVE-2026-5872

https://security.alpinelinux.org/vuln/CVE-2026-5873

https://security.alpinelinux.org/vuln/CVE-2026-5875

https://security.alpinelinux.org/vuln/CVE-2026-5876

https://security.alpinelinux.org/vuln/CVE-2026-5877

https://security.alpinelinux.org/vuln/CVE-2026-5878

https://security.alpinelinux.org/vuln/CVE-2026-5879

https://security.alpinelinux.org/vuln/CVE-2026-5880

https://security.alpinelinux.org/vuln/CVE-2026-5882

https://security.alpinelinux.org/vuln/CVE-2026-5883

https://security.alpinelinux.org/vuln/CVE-2026-5884

https://security.alpinelinux.org/vuln/CVE-2026-5886

https://security.alpinelinux.org/vuln/CVE-2026-5888

https://security.alpinelinux.org/vuln/CVE-2026-5889

https://security.alpinelinux.org/vuln/CVE-2026-5890

https://security.alpinelinux.org/vuln/CVE-2026-5891

https://security.alpinelinux.org/vuln/CVE-2026-5893

https://security.alpinelinux.org/vuln/CVE-2026-5894

https://security.alpinelinux.org/vuln/CVE-2026-5900

https://security.alpinelinux.org/vuln/CVE-2026-5903

https://security.alpinelinux.org/vuln/CVE-2026-5912

https://security.alpinelinux.org/vuln/CVE-2026-5913

https://security.alpinelinux.org/vuln/CVE-2026-5914

https://security.alpinelinux.org/vuln/CVE-2026-5918

https://security.alpinelinux.org/vuln/CVE-2026-6296

https://security.alpinelinux.org/vuln/CVE-2026-6297

https://security.alpinelinux.org/vuln/CVE-2026-7333

https://security.alpinelinux.org/vuln/CVE-2026-7339

https://security.alpinelinux.org/vuln/CVE-2026-7340

https://security.alpinelinux.org/vuln/CVE-2026-7341

https://security.alpinelinux.org/vuln/CVE-2026-7345

https://security.alpinelinux.org/vuln/CVE-2026-7349

https://security.alpinelinux.org/vuln/CVE-2026-7350

https://security.alpinelinux.org/vuln/CVE-2026-7351

https://security.alpinelinux.org/vuln/CVE-2026-7353

https://security.alpinelinux.org/vuln/CVE-2026-7354

https://security.alpinelinux.org/vuln/CVE-2026-7356

https://security.alpinelinux.org/vuln/CVE-2026-7357

https://security.alpinelinux.org/vuln/CVE-2026-7359

https://security.alpinelinux.org/vuln/CVE-2026-7360

Plugin Details

Severity: High

ID: 441758

Version: Revision 1.4

Type: Local

Published: 5/12/2026

Updated: 6/2/2026

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: High

Score: 7.6

Percentile: 98.48

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2026-5883

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 4/7/2026

Reference Information

CVE: CVE-2026-5860, CVE-2026-5861, CVE-2026-5865, CVE-2026-5866, CVE-2026-5868, CVE-2026-5870, CVE-2026-5872, CVE-2026-5873, CVE-2026-5875, CVE-2026-5876, CVE-2026-5877, CVE-2026-5878, CVE-2026-5879, CVE-2026-5880, CVE-2026-5882, CVE-2026-5883, CVE-2026-5884, CVE-2026-5886, CVE-2026-5888, CVE-2026-5889, CVE-2026-5890, CVE-2026-5891, CVE-2026-5893, CVE-2026-5894, CVE-2026-5900, CVE-2026-5903, CVE-2026-5912, CVE-2026-5913, CVE-2026-5914, CVE-2026-5918, CVE-2026-6296, CVE-2026-6297, CVE-2026-7333, CVE-2026-7339, CVE-2026-7340, CVE-2026-7341, CVE-2026-7345, CVE-2026-7349, CVE-2026-7350, CVE-2026-7351, CVE-2026-7353, CVE-2026-7354, CVE-2026-7356, CVE-2026-7357, CVE-2026-7359, CVE-2026-7360