CVE-2026-11673
- EPSS 0.24%
- Veröffentlicht 08.06.2026 23:27:46
- Zuletzt bearbeitet 09.06.2026 14:54:06
Use after free in InterestGroups in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-11671
- EPSS 0.24%
- Veröffentlicht 08.06.2026 23:27:45
- Zuletzt bearbeitet 09.06.2026 14:53:57
Use after free in Navigation in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-11669
- EPSS 0.21%
- Veröffentlicht 08.06.2026 23:27:44
- Zuletzt bearbeitet 10.06.2026 16:16:05
Out of bounds read in Media in Google Chrome on ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium sec...
CVE-2026-11670
- EPSS 0.22%
- Veröffentlicht 08.06.2026 23:27:44
- Zuletzt bearbeitet 09.06.2026 14:53:48
Use after free in PDF in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)
CVE-2026-11667
- EPSS 0.22%
- Veröffentlicht 08.06.2026 23:27:43
- Zuletzt bearbeitet 09.06.2026 14:53:38
Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the GPU process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-11668
- EPSS 0.19%
- Veröffentlicht 08.06.2026 23:27:43
- Zuletzt bearbeitet 10.06.2026 16:17:11
Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. (Chromium security severity: High)
CVE-2026-11665
- EPSS 0.22%
- Veröffentlicht 08.06.2026 23:27:42
- Zuletzt bearbeitet 09.06.2026 14:58:41
Out of bounds read in Dawn in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVE-2026-11666
- EPSS 0.21%
- Veröffentlicht 08.06.2026 23:27:42
- Zuletzt bearbeitet 10.06.2026 18:31:16
Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)
CVE-2026-11663
- EPSS 0.22%
- Veröffentlicht 08.06.2026 23:27:41
- Zuletzt bearbeitet 09.06.2026 14:58:50
Use after free in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-11664
- EPSS 0.25%
- Veröffentlicht 08.06.2026 23:27:41
- Zuletzt bearbeitet 09.06.2026 14:58:46
Use after free in Payments in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)