CVE-2026-11085
- EPSS 0.25%
- Veröffentlicht 04.06.2026 23:04:50
- Zuletzt bearbeitet 08.06.2026 14:35:11
Integer overflow in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11086
- EPSS 0.28%
- Veröffentlicht 04.06.2026 23:04:50
- Zuletzt bearbeitet 06.06.2026 01:40:07
Inappropriate implementation in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11083
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:04:49
- Zuletzt bearbeitet 08.06.2026 14:35:29
Inappropriate implementation in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11084
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:04:49
- Zuletzt bearbeitet 08.06.2026 14:35:21
Inappropriate implementation in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11080
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:04:48
- Zuletzt bearbeitet 08.06.2026 14:36:07
Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11081
- EPSS 0.17%
- Veröffentlicht 04.06.2026 23:04:48
- Zuletzt bearbeitet 08.06.2026 14:35:55
Inappropriate implementation in Canvas in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11082
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:04:48
- Zuletzt bearbeitet 08.06.2026 14:35:44
Race in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11078
- EPSS 0.2%
- Veröffentlicht 04.06.2026 23:04:47
- Zuletzt bearbeitet 08.06.2026 15:51:16
Inappropriate implementation in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11079
- EPSS 0.22%
- Veröffentlicht 04.06.2026 23:04:47
- Zuletzt bearbeitet 08.06.2026 14:38:50
Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory write via a crafted video file. (Chromium security severity: Medium)
CVE-2026-11075
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:04:46
- Zuletzt bearbeitet 08.06.2026 15:51:22
Out of bounds read in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)