CVE-2026-11076
- EPSS 0.31%
- Veröffentlicht 04.06.2026 23:04:46
- Zuletzt bearbeitet 06.06.2026 01:39:41
Type Confusion in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11077
- EPSS 0.28%
- Veröffentlicht 04.06.2026 23:04:46
- Zuletzt bearbeitet 06.06.2026 01:39:52
Bad cast in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11073
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:04:45
- Zuletzt bearbeitet 08.06.2026 15:51:29
Use after free in WebGL in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11074
- EPSS 0.36%
- Veröffentlicht 04.06.2026 23:04:45
- Zuletzt bearbeitet 06.06.2026 01:39:28
Use after free in WebRTC in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11070
- EPSS 0.22%
- Veröffentlicht 04.06.2026 23:04:44
- Zuletzt bearbeitet 08.06.2026 15:52:04
Insufficient validation of untrusted input in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the network process to potentially perform a sandbox escape via malicious network traffic. (Chro...
CVE-2026-11071
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:04:44
- Zuletzt bearbeitet 08.06.2026 15:51:55
Use after free in Base in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security sev...
CVE-2026-11072
- EPSS 0.11%
- Veröffentlicht 04.06.2026 23:04:44
- Zuletzt bearbeitet 08.06.2026 15:51:36
Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. (Chromium security severity: Medium)
CVE-2026-11068
- EPSS 0.36%
- Veröffentlicht 04.06.2026 23:04:43
- Zuletzt bearbeitet 06.06.2026 01:39:14
Use after free in WebSockets in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11069
- EPSS 0.21%
- Veröffentlicht 04.06.2026 23:04:43
- Zuletzt bearbeitet 08.06.2026 15:52:11
Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11065
- EPSS 0.33%
- Veröffentlicht 04.06.2026 23:04:42
- Zuletzt bearbeitet 05.06.2026 20:27:56
Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)