CVE-2026-11148
- EPSS 0.14%
- Veröffentlicht 04.06.2026 23:05:19
- Zuletzt bearbeitet 08.06.2026 14:46:30
Inappropriate implementation in Payments in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11145
- EPSS 0.16%
- Veröffentlicht 04.06.2026 23:05:18
- Zuletzt bearbeitet 08.06.2026 19:16:40
Race in Geolocation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11146
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:05:18
- Zuletzt bearbeitet 08.06.2026 19:16:40
Insufficient validation of untrusted input in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security se...
CVE-2026-11142
- EPSS 0.2%
- Veröffentlicht 04.06.2026 23:05:17
- Zuletzt bearbeitet 08.06.2026 14:23:23
Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11143
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:05:17
- Zuletzt bearbeitet 08.06.2026 19:16:40
Out of bounds read in Extensions in Google Chrome on Linux prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension...
CVE-2026-11144
- EPSS 0.26%
- Veröffentlicht 04.06.2026 23:05:17
- Zuletzt bearbeitet 08.06.2026 19:16:40
Use after free in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. (Chromium security severity: Medium)
CVE-2026-11140
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:05:16
- Zuletzt bearbeitet 08.06.2026 19:16:39
Out of bounds read in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security se...
CVE-2026-11141
- EPSS 0.25%
- Veröffentlicht 04.06.2026 23:05:16
- Zuletzt bearbeitet 08.06.2026 19:16:40
Uninitialized Use in Audio in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity...
CVE-2026-11138
- EPSS 0.25%
- Veröffentlicht 04.06.2026 23:05:15
- Zuletzt bearbeitet 08.06.2026 19:16:39
Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11139
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:05:15
- Zuletzt bearbeitet 08.06.2026 14:23:55
Inappropriate implementation in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)