CVE-2026-11043
- EPSS 0.3%
- Veröffentlicht 04.06.2026 23:04:32
- Zuletzt bearbeitet 08.06.2026 13:29:46
Out of bounds write in ANGLE in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11040
- EPSS 0.22%
- Veröffentlicht 04.06.2026 23:04:31
- Zuletzt bearbeitet 05.06.2026 20:28:23
Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11041
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:04:31
- Zuletzt bearbeitet 08.06.2026 13:31:21
Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium secur...
CVE-2026-11037
- EPSS 0.28%
- Veröffentlicht 04.06.2026 23:04:30
- Zuletzt bearbeitet 05.06.2026 20:43:35
Out of bounds write in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)
CVE-2026-11038
- EPSS 0.19%
- Veröffentlicht 04.06.2026 23:04:30
- Zuletzt bearbeitet 05.06.2026 20:43:30
Insufficient policy enforcement in Subresource Integrity in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via malicious network traffic. (Chromium security severity: Medium)
CVE-2026-11039
- EPSS 0.25%
- Veröffentlicht 04.06.2026 23:04:30
- Zuletzt bearbeitet 08.06.2026 13:31:44
Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11034
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:04:29
- Zuletzt bearbeitet 08.06.2026 13:38:42
Insufficient validation of untrusted input in Tab Group Sync in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via malicious network traffic. (Chromium security severity: Medium)
CVE-2026-11035
- EPSS 0.08%
- Veröffentlicht 04.06.2026 23:04:29
- Zuletzt bearbeitet 08.06.2026 13:34:46
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a crafted XML file. (Chromium security severity: Medium)
CVE-2026-11036
- EPSS 0.17%
- Veröffentlicht 04.06.2026 23:04:29
- Zuletzt bearbeitet 08.06.2026 13:34:20
Inappropriate implementation in DOM in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11032
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:04:28
- Zuletzt bearbeitet 08.06.2026 13:39:41
Inappropriate implementation in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)