CVE-2026-11156
- EPSS 0.15%
- Veröffentlicht 04.06.2026 23:05:23
- Zuletzt bearbeitet 08.06.2026 14:46:22
Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11157
- EPSS 0.12%
- Veröffentlicht 04.06.2026 23:05:23
- Zuletzt bearbeitet 08.06.2026 14:45:48
Script injection in Accessibility in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML (UXSS) via a crafted Chrome Extension. (Chromium security severity...
CVE-2026-11154
- EPSS 0.21%
- Veröffentlicht 04.06.2026 23:05:22
- Zuletzt bearbeitet 08.06.2026 14:55:58
Use after free in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11155
- EPSS 0.15%
- Veröffentlicht 04.06.2026 23:05:22
- Zuletzt bearbeitet 08.06.2026 14:46:41
Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11151
- EPSS 0.22%
- Veröffentlicht 04.06.2026 23:05:21
- Zuletzt bearbeitet 08.06.2026 14:46:11
Insufficient validation of untrusted input in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium secur...
CVE-2026-11152
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:05:21
- Zuletzt bearbeitet 08.06.2026 14:56:28
Object lifecycle issue in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11153
- EPSS 0.26%
- Veröffentlicht 04.06.2026 23:05:21
- Zuletzt bearbeitet 08.06.2026 14:56:12
Side-channel information leakage in Forms in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11149
- EPSS 0.22%
- Veröffentlicht 04.06.2026 23:05:20
- Zuletzt bearbeitet 05.06.2026 20:45:49
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: ...
CVE-2026-11150
- EPSS 0.16%
- Veröffentlicht 04.06.2026 23:05:20
- Zuletzt bearbeitet 08.06.2026 14:46:19
Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11147
- EPSS 0.35%
- Veröffentlicht 04.06.2026 23:05:19
- Zuletzt bearbeitet 05.06.2026 20:46:01
Use after free in WebML in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)