CVE-2026-11635
- EPSS 0.22%
- Veröffentlicht 08.06.2026 23:27:25
- Zuletzt bearbeitet 09.06.2026 16:56:09
Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-11633
- EPSS 0.23%
- Veröffentlicht 08.06.2026 23:27:24
- Zuletzt bearbeitet 09.06.2026 16:57:07
Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a malicious peripheral. (Chromium security severity: Critical)
CVE-2026-11634
- EPSS 0.25%
- Veröffentlicht 08.06.2026 23:27:24
- Zuletzt bearbeitet 09.06.2026 16:56:26
Use after free in Gamepad in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-11631
- EPSS 0.22%
- Veröffentlicht 08.06.2026 23:27:23
- Zuletzt bearbeitet 09.06.2026 14:45:17
Use after free in Aura in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-11632
- EPSS 0.26%
- Veröffentlicht 08.06.2026 23:27:23
- Zuletzt bearbeitet 09.06.2026 16:58:42
Use after free in TabStrip in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-11630
- EPSS 0.25%
- Veröffentlicht 08.06.2026 23:27:22
- Zuletzt bearbeitet 09.06.2026 14:47:23
Use after free in File Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-11628
- EPSS 0.18%
- Veröffentlicht 08.06.2026 23:27:21
- Zuletzt bearbeitet 09.06.2026 14:54:37
Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a local attacker to potentially exploit heap corruption via physical access to the device. (Chromium security severity: Critical)
CVE-2026-11629
- EPSS 0.27%
- Veröffentlicht 08.06.2026 23:27:21
- Zuletzt bearbeitet 09.06.2026 14:52:32
Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-11309
- EPSS 0.13%
- Veröffentlicht 04.06.2026 23:06:28
- Zuletzt bearbeitet 08.06.2026 16:40:45
Insufficient policy enforcement in History in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11306
- EPSS 0.22%
- Veröffentlicht 04.06.2026 23:06:27
- Zuletzt bearbeitet 08.06.2026 18:04:30
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: Low)