CVE-2026-11142
- EPSS 0.2%
- Veröffentlicht 04.06.2026 23:05:17
- Zuletzt bearbeitet 08.06.2026 14:23:23
Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11143
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:05:17
- Zuletzt bearbeitet 08.06.2026 19:16:40
Out of bounds read in Extensions in Google Chrome on Linux prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension...
CVE-2026-11144
- EPSS 0.26%
- Veröffentlicht 04.06.2026 23:05:17
- Zuletzt bearbeitet 08.06.2026 19:16:40
Use after free in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. (Chromium security severity: Medium)
CVE-2026-11140
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:05:16
- Zuletzt bearbeitet 08.06.2026 19:16:39
Out of bounds read in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security se...
CVE-2026-11141
- EPSS 0.25%
- Veröffentlicht 04.06.2026 23:05:16
- Zuletzt bearbeitet 08.06.2026 19:16:40
Uninitialized Use in Audio in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity...
CVE-2026-11138
- EPSS 0.25%
- Veröffentlicht 04.06.2026 23:05:15
- Zuletzt bearbeitet 08.06.2026 19:16:39
Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11139
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:05:15
- Zuletzt bearbeitet 08.06.2026 14:23:55
Inappropriate implementation in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11135
- EPSS 0.2%
- Veröffentlicht 04.06.2026 23:05:14
- Zuletzt bearbeitet 08.06.2026 14:24:12
Insufficient policy enforcement in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11136
- EPSS 0.28%
- Veröffentlicht 04.06.2026 23:05:14
- Zuletzt bearbeitet 05.06.2026 20:46:09
Use after free in Canvas in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11137
- EPSS 0.25%
- Veröffentlicht 04.06.2026 23:05:14
- Zuletzt bearbeitet 08.06.2026 19:16:39
Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)