CVE-2026-11084
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:04:49
- Zuletzt bearbeitet 08.06.2026 14:35:21
Inappropriate implementation in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11080
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:04:48
- Zuletzt bearbeitet 08.06.2026 14:36:07
Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11081
- EPSS 0.17%
- Veröffentlicht 04.06.2026 23:04:48
- Zuletzt bearbeitet 08.06.2026 14:35:55
Inappropriate implementation in Canvas in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11082
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:04:48
- Zuletzt bearbeitet 08.06.2026 14:35:44
Race in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11078
- EPSS 0.2%
- Veröffentlicht 04.06.2026 23:04:47
- Zuletzt bearbeitet 08.06.2026 15:51:16
Inappropriate implementation in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11079
- EPSS 0.22%
- Veröffentlicht 04.06.2026 23:04:47
- Zuletzt bearbeitet 08.06.2026 14:38:50
Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory write via a crafted video file. (Chromium security severity: Medium)
CVE-2026-11075
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:04:46
- Zuletzt bearbeitet 08.06.2026 15:51:22
Out of bounds read in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11076
- EPSS 0.31%
- Veröffentlicht 04.06.2026 23:04:46
- Zuletzt bearbeitet 06.06.2026 01:39:41
Type Confusion in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11077
- EPSS 0.28%
- Veröffentlicht 04.06.2026 23:04:46
- Zuletzt bearbeitet 06.06.2026 01:39:52
Bad cast in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11073
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:04:45
- Zuletzt bearbeitet 08.06.2026 15:51:29
Use after free in WebGL in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)