CVE-2026-11263
- EPSS 0.26%
- Veröffentlicht 04.06.2026 23:06:09
- Zuletzt bearbeitet 08.06.2026 13:58:03
Insufficient policy enforcement in WebAuthentication in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity:...
CVE-2026-11264
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:06:09
- Zuletzt bearbeitet 08.06.2026 14:18:57
Policy bypass in Content Security Policy in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11260
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:06:08
- Zuletzt bearbeitet 08.06.2026 14:19:24
Inappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11261
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:06:08
- Zuletzt bearbeitet 08.06.2026 14:19:08
Inappropriate implementation in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11262
- EPSS 0.28%
- Veröffentlicht 04.06.2026 23:06:08
- Zuletzt bearbeitet 05.06.2026 20:39:50
Use after free in TabStrip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11258
- EPSS 0.2%
- Veröffentlicht 04.06.2026 23:06:07
- Zuletzt bearbeitet 08.06.2026 14:19:38
Inappropriate implementation in File System Access in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium secu...
CVE-2026-11259
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:06:07
- Zuletzt bearbeitet 08.06.2026 14:19:32
Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11255
- EPSS 0.26%
- Veröffentlicht 04.06.2026 23:06:06
- Zuletzt bearbeitet 05.06.2026 15:33:10
Insufficient validation of untrusted input in Storage Access API in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity...
CVE-2026-11256
- EPSS 0.21%
- Veröffentlicht 04.06.2026 23:06:06
- Zuletzt bearbeitet 05.06.2026 15:33:22
Integer overflow in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11257
- EPSS 0.19%
- Veröffentlicht 04.06.2026 23:06:06
- Zuletzt bearbeitet 08.06.2026 14:25:51
Inappropriate implementation in Browser in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)