CVE-2026-11278
- EPSS 0.14%
- Veröffentlicht 04.06.2026 23:06:15
- Zuletzt bearbeitet 10.06.2026 19:19:45
Inappropriate implementation in CustomTabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11275
- EPSS 0.2%
- Veröffentlicht 04.06.2026 23:06:14
- Zuletzt bearbeitet 08.06.2026 14:00:55
Inappropriate implementation in Page Info in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Lo...
CVE-2026-11276
- EPSS 0.08%
- Veröffentlicht 04.06.2026 23:06:14
- Zuletzt bearbeitet 05.06.2026 20:39:43
Inappropriate implementation in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to bypass discretionary access control via malicious network traffic. (Chromium security severity: Low)
CVE-2026-11272
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:06:13
- Zuletzt bearbeitet 09.06.2026 18:34:51
Insufficient validation of untrusted input in Reading List in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. (Chrom...
CVE-2026-11273
- EPSS 0.16%
- Veröffentlicht 04.06.2026 23:06:13
- Zuletzt bearbeitet 08.06.2026 14:17:42
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromi...
CVE-2026-11274
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:06:13
- Zuletzt bearbeitet 09.06.2026 18:32:12
Inappropriate implementation in DOM Distiller in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11270
- EPSS 0.19%
- Veröffentlicht 04.06.2026 23:06:12
- Zuletzt bearbeitet 08.06.2026 14:00:38
Inappropriate implementation in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11271
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:06:12
- Zuletzt bearbeitet 08.06.2026 14:17:51
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11267
- EPSS 0.14%
- Veröffentlicht 04.06.2026 23:06:11
- Zuletzt bearbeitet 08.06.2026 14:18:14
Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. (Chromium security sever...
CVE-2026-11268
- EPSS 0.25%
- Veröffentlicht 04.06.2026 23:06:11
- Zuletzt bearbeitet 09.06.2026 18:38:06
Uninitialized Use in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)