CVE-2026-10985
- EPSS 0.31%
- Veröffentlicht 04.06.2026 23:04:08
- Zuletzt bearbeitet 05.06.2026 20:37:02
Out of bounds read in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10986
- EPSS 0.33%
- Veröffentlicht 04.06.2026 23:04:08
- Zuletzt bearbeitet 06.06.2026 01:48:23
Integer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a malicious file. (Chromium security severity: High)
CVE-2026-10982
- EPSS 0.46%
- Veröffentlicht 04.06.2026 23:04:07
- Zuletzt bearbeitet 06.06.2026 01:45:56
Use after free in WebXR in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10983
- EPSS 0.33%
- Veröffentlicht 04.06.2026 23:04:07
- Zuletzt bearbeitet 05.06.2026 20:38:29
Insufficient validation of untrusted input in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10980
- EPSS 0.33%
- Veröffentlicht 04.06.2026 23:04:06
- Zuletzt bearbeitet 05.06.2026 20:36:23
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10981
- EPSS 0.28%
- Veröffentlicht 04.06.2026 23:04:06
- Zuletzt bearbeitet 05.06.2026 20:35:55
Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted video file. (Chromium security severity: High)
CVE-2026-10977
- EPSS 0.34%
- Veröffentlicht 04.06.2026 23:04:05
- Zuletzt bearbeitet 05.06.2026 20:36:49
Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10978
- EPSS 0.33%
- Veröffentlicht 04.06.2026 23:04:05
- Zuletzt bearbeitet 06.06.2026 01:45:35
Use after free in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: High)
CVE-2026-10979
- EPSS 0.31%
- Veröffentlicht 04.06.2026 23:04:05
- Zuletzt bearbeitet 05.06.2026 20:36:34
Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10975
- EPSS 0.46%
- Veröffentlicht 04.06.2026 23:04:04
- Zuletzt bearbeitet 06.06.2026 01:45:05
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)