CVE-2026-11044
- EPSS 0.29%
- Veröffentlicht 04.06.2026 23:04:33
- Zuletzt bearbeitet 08.06.2026 15:01:32
Integer overflow in ANGLE in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11045
- EPSS 0.29%
- Veröffentlicht 04.06.2026 23:04:33
- Zuletzt bearbeitet 08.06.2026 15:02:55
Insufficient validation of untrusted input in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chr...
CVE-2026-11042
- EPSS 0.3%
- Veröffentlicht 04.06.2026 23:04:32
- Zuletzt bearbeitet 05.06.2026 20:43:20
Use after free in Views in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11043
- EPSS 0.3%
- Veröffentlicht 04.06.2026 23:04:32
- Zuletzt bearbeitet 08.06.2026 13:29:46
Out of bounds write in ANGLE in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11040
- EPSS 0.22%
- Veröffentlicht 04.06.2026 23:04:31
- Zuletzt bearbeitet 05.06.2026 20:28:23
Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11041
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:04:31
- Zuletzt bearbeitet 08.06.2026 13:31:21
Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium secur...
CVE-2026-11037
- EPSS 0.28%
- Veröffentlicht 04.06.2026 23:04:30
- Zuletzt bearbeitet 05.06.2026 20:43:35
Out of bounds write in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)
CVE-2026-11038
- EPSS 0.19%
- Veröffentlicht 04.06.2026 23:04:30
- Zuletzt bearbeitet 05.06.2026 20:43:30
Insufficient policy enforcement in Subresource Integrity in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via malicious network traffic. (Chromium security severity: Medium)
CVE-2026-11039
- EPSS 0.25%
- Veröffentlicht 04.06.2026 23:04:30
- Zuletzt bearbeitet 08.06.2026 13:31:44
Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11034
- EPSS 0.18%
- Veröffentlicht 04.06.2026 23:04:29
- Zuletzt bearbeitet 08.06.2026 13:38:42
Insufficient validation of untrusted input in Tab Group Sync in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via malicious network traffic. (Chromium security severity: Medium)