CVE-2026-11155
- EPSS 0.15%
- Veröffentlicht 04.06.2026 23:05:22
- Zuletzt bearbeitet 08.06.2026 14:46:41
Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11151
- EPSS 0.22%
- Veröffentlicht 04.06.2026 23:05:21
- Zuletzt bearbeitet 08.06.2026 14:46:11
Insufficient validation of untrusted input in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium secur...
CVE-2026-11152
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:05:21
- Zuletzt bearbeitet 08.06.2026 14:56:28
Object lifecycle issue in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11153
- EPSS 0.26%
- Veröffentlicht 04.06.2026 23:05:21
- Zuletzt bearbeitet 08.06.2026 14:56:12
Side-channel information leakage in Forms in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11149
- EPSS 0.22%
- Veröffentlicht 04.06.2026 23:05:20
- Zuletzt bearbeitet 05.06.2026 20:45:49
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: ...
CVE-2026-11150
- EPSS 0.16%
- Veröffentlicht 04.06.2026 23:05:20
- Zuletzt bearbeitet 08.06.2026 14:46:19
Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11147
- EPSS 0.35%
- Veröffentlicht 04.06.2026 23:05:19
- Zuletzt bearbeitet 05.06.2026 20:46:01
Use after free in WebML in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11148
- EPSS 0.14%
- Veröffentlicht 04.06.2026 23:05:19
- Zuletzt bearbeitet 08.06.2026 14:46:30
Inappropriate implementation in Payments in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11145
- EPSS 0.16%
- Veröffentlicht 04.06.2026 23:05:18
- Zuletzt bearbeitet 08.06.2026 19:16:40
Race in Geolocation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11146
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:05:18
- Zuletzt bearbeitet 08.06.2026 19:16:40
Insufficient validation of untrusted input in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security se...