CVE-2026-10946
- EPSS 0.37%
- Veröffentlicht 04.06.2026 23:03:50
- Zuletzt bearbeitet 09.06.2026 18:53:47
Heap buffer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi...
CVE-2026-10943
- EPSS 0.49%
- Veröffentlicht 04.06.2026 23:03:49
- Zuletzt bearbeitet 09.06.2026 19:02:29
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10944
- EPSS 0.3%
- Veröffentlicht 04.06.2026 23:03:49
- Zuletzt bearbeitet 08.06.2026 17:07:03
Insufficient policy enforcement in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10941
- EPSS 0.42%
- Veröffentlicht 04.06.2026 23:03:48
- Zuletzt bearbeitet 09.06.2026 19:21:31
Out of bounds memory access in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10942
- EPSS 0.12%
- Veröffentlicht 04.06.2026 23:03:48
- Zuletzt bearbeitet 08.06.2026 17:04:38
Inappropriate implementation in UI in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: High)
CVE-2026-10939
- EPSS 0.46%
- Veröffentlicht 04.06.2026 23:03:47
- Zuletzt bearbeitet 06.06.2026 01:56:52
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10940
- EPSS 0.23%
- Veröffentlicht 04.06.2026 23:03:47
- Zuletzt bearbeitet 08.06.2026 17:04:04
Race in Codecs in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10936
- EPSS 0.39%
- Veröffentlicht 04.06.2026 23:03:46
- Zuletzt bearbeitet 05.06.2026 15:35:09
Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10937
- EPSS 0.27%
- Veröffentlicht 04.06.2026 23:03:46
- Zuletzt bearbeitet 05.06.2026 20:23:46
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10938
- EPSS 0.35%
- Veröffentlicht 04.06.2026 23:03:46
- Zuletzt bearbeitet 05.06.2026 20:21:48
Inappropriate implementation in Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High)