Chromium: CVE-2026-11206 Policy bypass in ServiceWorker

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-11206

creationtimestamp| type| source ---|---|--- 2026-06-05 13:24:27+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918...

CVE-2026-11206

This CVE concerns Google Chrome’s ServiceWorker: insufficient policy enforcement allows a remote attacker to leak cross-origin data via a crafted HTML page. Vulnerable are Chrome versions prior to 149.0.7827.53; the issue’s impact is cross-origin data disclosure with a network attacker, requiring...

CVE-2025-11206

Heap buffer overflow in Video in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2025-11206

Heap buffer overflow in Video in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Fedora: Security Advisory (FEDORA-2025-37da05914f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Edge (Chromium-Based) < 141.0.3537.57 Multiple Vulnerabilities (Oct 2025)

Microsoft Edge Chromium-Based is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Linux Distros Unpatched Vulnerability : CVE-2025-11206

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in Video in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

Fedora: Security Advisory (FEDORA-2025-acc92fcc12)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : chromium (2025-37da05914f)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-37da05914f advisory. Update to 141.0.7390.54 High CVE-2025-11205: Heap buffer overflow in WebGPU High CVE-2025-11206: Heap buffer overflow in Video Medium CVE-2025-11207...

CVE-2025-11206

creationtimestamp| type| source ---|---|--- 2025-10-02 08:14:07+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3m274cursvj23 2025-10-02 09:42:39+00:00| seen| https://gist.github.com/Darkcrai86/2e2b6d00347b20260ff9cb32c51fc3de 2025-10-04 21:08:15+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2018-11206

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out of bounds read was discovered in H5Ofillnewdecode and H5Ofillolddecode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of...

PT-2025-40325

Name of the Vulnerable Software and Affected Versions Chromium affected versions not specified Description A flaw exists that allows attackers to affect the system. Specifically, a heap buffer overflow is present in Video. This issue is addressed in Microsoft Edge Chromium-based and Google Chrome...

PT-2025-40324

Name of the Vulnerable Software and Affected Versions Chromium versions prior to 141.0.7390.54 Google Chrome versions prior to 141.0.7390.54 Microsoft Edge Chromium-based versions prior to 141.0.7390.54 Description A heap buffer overflow exists in the WebGPU component of Google Chrome and Microso...

CVE-2024-11206

creationtimestamp| type| source ---|---|--- 2024-11-14 06:38:35+00:00| seen| https://infosec.exchange/users/cve/statuses/113479930037401778 2024-11-14 09:07:29+00:00| seen| https://t.me/cvedetector/10908...

[SECURITY] [DLA 3522-1] hdf5 security update

Debian LTS Advisory DLA-3522-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany August 09, 2023 https://wiki.debian.org/LTS Package : hdf5 Version : 1.10.4+repack-10+deb10u1 CVE ID : CVE-2018-11206 CVE-2018-17233 CVE-2018-17234 CVE-2018-17237 CVE-2018-17434...

Debian dla-3522 : hdf5-helpers - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3522 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3522-1 [email protected]...

SUSE SLES12 Security Update : hdf5, suse-hpc (SUSE-SU-2022:1933-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1933-1 advisory. Security issues fixed: - CVE-2020-10811: Fixed heap-based buffer over-read in the function H5Olayoutdecode located in H5Olayout.c...

SUSE CVE-2018-14032

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-11206. Reason: This candidate is a reservation duplicate of CVE-2018-11206. Notes: All CVE users should reference CVE-2018-11206 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

CVE-2020-11206

CVE-2020-11206 describes a possible buffer overflow in Qualcomm’s Fastrpc when handling received parameters due to insufficient input validation. Affected devices span Snapdragon Auto, Compute, Consumer IoT, Industrial IoT, and Mobile families, including APQ8098 through SM8350P variants. Root cau...