CVE-2026-11272
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:06:13
- Zuletzt bearbeitet 09.06.2026 18:34:51
Insufficient validation of untrusted input in Reading List in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. (Chrom...
CVE-2026-11273
- EPSS 0.16%
- Veröffentlicht 04.06.2026 23:06:13
- Zuletzt bearbeitet 08.06.2026 14:17:42
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromi...
CVE-2026-11274
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:06:13
- Zuletzt bearbeitet 09.06.2026 18:32:12
Inappropriate implementation in DOM Distiller in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11270
- EPSS 0.19%
- Veröffentlicht 04.06.2026 23:06:12
- Zuletzt bearbeitet 08.06.2026 14:00:38
Inappropriate implementation in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11271
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:06:12
- Zuletzt bearbeitet 08.06.2026 14:17:51
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11267
- EPSS 0.14%
- Veröffentlicht 04.06.2026 23:06:11
- Zuletzt bearbeitet 08.06.2026 14:18:14
Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. (Chromium security sever...
CVE-2026-11268
- EPSS 0.25%
- Veröffentlicht 04.06.2026 23:06:11
- Zuletzt bearbeitet 09.06.2026 18:38:06
Uninitialized Use in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11269
- EPSS 0.1%
- Veröffentlicht 04.06.2026 23:06:11
- Zuletzt bearbeitet 08.06.2026 14:18:05
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network position to execute arbitrary code inside a sandbox via a crafted Chrome Extension. (Chromium security severity: Low)
CVE-2026-11265
- EPSS 0.2%
- Veröffentlicht 04.06.2026 23:06:10
- Zuletzt bearbeitet 08.06.2026 14:18:44
Inappropriate implementation in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11266
- EPSS 0.17%
- Veröffentlicht 04.06.2026 23:06:10
- Zuletzt bearbeitet 08.06.2026 14:18:23
Inappropriate implementation in SafeBrowsing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass Safe Browsing via a malicious file. (Chromium security severity: Low)