CVE-2026-10941
- EPSS 0.42%
- Veröffentlicht 04.06.2026 23:03:48
- Zuletzt bearbeitet 09.06.2026 19:21:31
Out of bounds memory access in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10942
- EPSS 0.12%
- Veröffentlicht 04.06.2026 23:03:48
- Zuletzt bearbeitet 08.06.2026 17:04:38
Inappropriate implementation in UI in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: High)
CVE-2026-10939
- EPSS 0.46%
- Veröffentlicht 04.06.2026 23:03:47
- Zuletzt bearbeitet 06.06.2026 01:56:52
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10940
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:03:47
- Zuletzt bearbeitet 08.06.2026 17:04:04
Race in Codecs in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10936
- EPSS 0.39%
- Veröffentlicht 04.06.2026 23:03:46
- Zuletzt bearbeitet 05.06.2026 15:35:09
Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10937
- EPSS 0.27%
- Veröffentlicht 04.06.2026 23:03:46
- Zuletzt bearbeitet 05.06.2026 20:23:46
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10938
- EPSS 0.35%
- Veröffentlicht 04.06.2026 23:03:46
- Zuletzt bearbeitet 05.06.2026 20:21:48
Inappropriate implementation in Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10934
- EPSS 0.27%
- Veröffentlicht 04.06.2026 23:03:45
- Zuletzt bearbeitet 05.06.2026 20:35:29
Use after free in Autofill in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10935
- EPSS 0.39%
- Veröffentlicht 04.06.2026 23:03:45
- Zuletzt bearbeitet 05.06.2026 15:35:24
Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10932
- EPSS 0.3%
- Veröffentlicht 04.06.2026 23:03:44
- Zuletzt bearbeitet 05.06.2026 20:35:15
Use after free in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)