CVE-2020-15999 · CISA KEV · EPSS p98.6%

CVE-2020-15999: Google Chrome FreeType Heap Buffer Overflow Vulnerability

Google / Chrome FreeType

Description

Google Chrome uses FreeType, an open-source software library to render fonts, which contains a heap buffer overflow vulnerability in the function Load_SBit_Png when processing PNG images embedded into fonts. This vulnerability is part of an exploit chain with CVE-2020-17087 on Windows and CVE-2020-16010 on Android.

Scoring

EPSS: 44.30% probability of exploitation · percentile 98.6% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2021-11-03

(incoming) · 1

Type | Target | Confidence | Tier
KEVEntry | Google Chrome FreeType Heap Buffer Overflow Vulnerability (kev-cve-2020-15999) | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE · Google Chrome for Android UI Heap Buffer Overflow Vulnerability
CVE · Google Chrome Use-After-Free Vulnerability
CVE · CVE-2026-11299
CVE · CVE-2026-4679
CVE · CVE-2025-0999
CVE · CVE-2026-8577
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.