CVE-2026-11295
- EPSS 0.21%
- Veröffentlicht 04.06.2026 23:06:22
- Zuletzt bearbeitet 08.06.2026 16:37:25
Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11291
- EPSS 0.16%
- Veröffentlicht 04.06.2026 23:06:21
- Zuletzt bearbeitet 08.06.2026 16:37:09
Inappropriate implementation in Android Autofill in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11292
- EPSS 0.19%
- Veröffentlicht 04.06.2026 23:06:21
- Zuletzt bearbeitet 09.06.2026 13:54:07
Insufficient policy enforcement in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11293
- EPSS 0.2%
- Veröffentlicht 04.06.2026 23:06:21
- Zuletzt bearbeitet 09.06.2026 13:53:32
Use after free in Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11289
- EPSS 0.2%
- Veröffentlicht 04.06.2026 23:06:20
- Zuletzt bearbeitet 09.06.2026 13:58:32
Side-channel information leakage in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
- EPSS 0.07%
- Veröffentlicht 04.06.2026 23:06:20
- Zuletzt bearbeitet 15.06.2026 19:05:50
Integer overflow in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to cause a denial of service via a malicious file. (Chromium security severity: Low)
CVE-2026-11287
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:06:19
- Zuletzt bearbeitet 08.06.2026 16:31:18
Insufficient policy enforcement in Navigation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. (Chromium security severity...
CVE-2026-11288
- EPSS 0.2%
- Veröffentlicht 04.06.2026 23:06:19
- Zuletzt bearbeitet 09.06.2026 13:59:03
Insufficient policy enforcement in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11284
- EPSS 0.24%
- Veröffentlicht 04.06.2026 23:06:18
- Zuletzt bearbeitet 09.06.2026 15:27:37
Side-channel information leakage in PerformanceAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11285
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:06:18
- Zuletzt bearbeitet 09.06.2026 15:37:30
Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)