CVE-2026-12018
- EPSS 0.16%
- Veröffentlicht 11.06.2026 20:48:08
- Zuletzt bearbeitet 23.06.2026 20:01:47
Inappropriate implementation in Mojo in Google Chrome on Windows prior to 149.0.7827.115 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)
CVE-2026-12013
- EPSS 0.06%
- Veröffentlicht 11.06.2026 20:48:07
- Zuletzt bearbeitet 12.06.2026 17:12:12
Use after free in Media in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12014
- EPSS 0.17%
- Veröffentlicht 11.06.2026 20:48:07
- Zuletzt bearbeitet 23.06.2026 20:02:32
Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. (Chromium security severity: High)
CVE-2026-12015
- EPSS 0.23%
- Veröffentlicht 11.06.2026 20:48:07
- Zuletzt bearbeitet 23.06.2026 20:02:19
Use after free in Autofill in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severit...
CVE-2026-12011
- EPSS 0.25%
- Veröffentlicht 11.06.2026 20:48:06
- Zuletzt bearbeitet 12.06.2026 17:20:13
Use after free in WebMIDI in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-12012
- EPSS 0.23%
- Veröffentlicht 11.06.2026 20:48:06
- Zuletzt bearbeitet 23.06.2026 20:02:22
Use after free in Network in Google Chrome prior to 149.0.7827.115 allowed an attacker in a privileged network position to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High)
CVE-2026-12009
- EPSS 0.25%
- Veröffentlicht 11.06.2026 20:48:05
- Zuletzt bearbeitet 12.06.2026 17:18:55
Insufficient validation of untrusted input in Accessibility in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium ...
CVE-2026-12010
- EPSS 0.27%
- Veröffentlicht 11.06.2026 20:48:05
- Zuletzt bearbeitet 12.06.2026 17:19:33
Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-12007
- EPSS 0.29%
- Veröffentlicht 11.06.2026 20:48:04
- Zuletzt bearbeitet 12.06.2026 17:08:00
Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-12008
- EPSS 0.25%
- Veröffentlicht 11.06.2026 20:48:04
- Zuletzt bearbeitet 23.06.2026 20:02:27
Use after free in DigitalCredentials in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)