CVE-2026-11269
- EPSS 0.1%
- Veröffentlicht 04.06.2026 23:06:11
- Zuletzt bearbeitet 08.06.2026 14:18:05
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network position to execute arbitrary code inside a sandbox via a crafted Chrome Extension. (Chromium security severity: Low)
CVE-2026-11265
- EPSS 0.2%
- Veröffentlicht 04.06.2026 23:06:10
- Zuletzt bearbeitet 08.06.2026 14:18:44
Inappropriate implementation in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11266
- EPSS 0.17%
- Veröffentlicht 04.06.2026 23:06:10
- Zuletzt bearbeitet 08.06.2026 14:18:23
Inappropriate implementation in SafeBrowsing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass Safe Browsing via a malicious file. (Chromium security severity: Low)
CVE-2026-11263
- EPSS 0.26%
- Veröffentlicht 04.06.2026 23:06:09
- Zuletzt bearbeitet 08.06.2026 13:58:03
Insufficient policy enforcement in WebAuthentication in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity:...
CVE-2026-11264
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:06:09
- Zuletzt bearbeitet 08.06.2026 14:18:57
Policy bypass in Content Security Policy in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11260
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:06:08
- Zuletzt bearbeitet 08.06.2026 14:19:24
Inappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11261
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:06:08
- Zuletzt bearbeitet 08.06.2026 14:19:08
Inappropriate implementation in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11262
- EPSS 0.28%
- Veröffentlicht 04.06.2026 23:06:08
- Zuletzt bearbeitet 05.06.2026 20:39:50
Use after free in TabStrip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11258
- EPSS 0.2%
- Veröffentlicht 04.06.2026 23:06:07
- Zuletzt bearbeitet 08.06.2026 14:19:38
Inappropriate implementation in File System Access in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium secu...
CVE-2026-11259
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:06:07
- Zuletzt bearbeitet 08.06.2026 14:19:32
Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)