CVE-2026-12025
- EPSS 0.23%
- Veröffentlicht 11.06.2026 20:48:11
- Zuletzt bearbeitet 12.06.2026 18:06:25
Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12026
- EPSS 0.24%
- Veröffentlicht 11.06.2026 20:48:11
- Zuletzt bearbeitet 01.07.2026 02:16:49
Out of bounds read in Video in Google Chrome on ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium sec...
CVE-2026-12027
- EPSS 0.22%
- Veröffentlicht 11.06.2026 20:48:11
- Zuletzt bearbeitet 23.06.2026 20:02:35
Inappropriate implementation in Headless in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12022
- EPSS 0.17%
- Veröffentlicht 11.06.2026 20:48:10
- Zuletzt bearbeitet 13.06.2026 00:33:47
Race in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)
CVE-2026-12023
- EPSS 0.23%
- Veröffentlicht 11.06.2026 20:48:10
- Zuletzt bearbeitet 12.06.2026 18:06:39
Use after free in GPU in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12024
- EPSS 0.16%
- Veröffentlicht 11.06.2026 20:48:10
- Zuletzt bearbeitet 23.06.2026 20:02:38
Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12019
- EPSS 0.25%
- Veröffentlicht 11.06.2026 20:48:09
- Zuletzt bearbeitet 13.06.2026 00:45:25
Heap buffer overflow in Codecs in Google Chrome on Linux and ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security sever...
CVE-2026-12020
- EPSS 0.22%
- Veröffentlicht 11.06.2026 20:48:09
- Zuletzt bearbeitet 13.06.2026 00:34:47
Use after free in Autofill in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12016
- EPSS 0.23%
- Veröffentlicht 11.06.2026 20:48:08
- Zuletzt bearbeitet 23.06.2026 20:02:07
Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12017
- EPSS 0.21%
- Veröffentlicht 11.06.2026 20:48:08
- Zuletzt bearbeitet 23.06.2026 20:01:31
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High)