CVE-2026-11676
- EPSS 0.23%
- Veröffentlicht 08.06.2026 23:27:48
- Zuletzt bearbeitet 10.06.2026 15:32:52
Insufficient validation of untrusted input in Dawn in Google Chrome on Linux and ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr...
CVE-2026-11674
- EPSS 0.24%
- Veröffentlicht 08.06.2026 23:27:47
- Zuletzt bearbeitet 09.06.2026 14:54:17
Use after free in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-11672
- EPSS 0.24%
- Veröffentlicht 08.06.2026 23:27:46
- Zuletzt bearbeitet 10.06.2026 16:15:12
Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-11673
- EPSS 0.24%
- Veröffentlicht 08.06.2026 23:27:46
- Zuletzt bearbeitet 09.06.2026 14:54:06
Use after free in InterestGroups in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-11671
- EPSS 0.24%
- Veröffentlicht 08.06.2026 23:27:45
- Zuletzt bearbeitet 09.06.2026 14:53:57
Use after free in Navigation in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-11669
- EPSS 0.21%
- Veröffentlicht 08.06.2026 23:27:44
- Zuletzt bearbeitet 10.06.2026 16:16:05
Out of bounds read in Media in Google Chrome on ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium sec...
CVE-2026-11670
- EPSS 0.22%
- Veröffentlicht 08.06.2026 23:27:44
- Zuletzt bearbeitet 09.06.2026 14:53:48
Use after free in PDF in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)
CVE-2026-11667
- EPSS 0.22%
- Veröffentlicht 08.06.2026 23:27:43
- Zuletzt bearbeitet 09.06.2026 14:53:38
Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the GPU process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-11668
- EPSS 0.19%
- Veröffentlicht 08.06.2026 23:27:43
- Zuletzt bearbeitet 10.06.2026 16:17:11
Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. (Chromium security severity: High)
CVE-2026-11665
- EPSS 0.22%
- Veröffentlicht 08.06.2026 23:27:42
- Zuletzt bearbeitet 09.06.2026 14:58:41
Out of bounds read in Dawn in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)