Chromium: CVE-2026-11216 Incorrect security UI in File Input

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-11216

creationtimestamp| type| source ---|---|--- 2026-06-05 13:24:29+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260608 2026-06-07 18:00:00+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2026-11216

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect security UI in File Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to...

CVE-2026-11216

Incorrect security UI in File Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

DEBIAN-CVE-2025-11216

Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video file. Chromium security severity: Low...

CVE-2025-11216

Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video file. Chromium security severity: Low...

Fedora: Security Advisory (FEDORA-2025-37da05914f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-11216

creationtimestamp| type| source ---|---|--- 2025-10-14 16:38:44+00:00| seen| https://www.thezdi.com/blog/2025/10/14/the-october-2025-security-update-review 2025-11-07 01:42:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m4yxa6wkys2q...

Linux Distros Unpatched Vulnerability : CVE-2025-11216

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video...

Microsoft Edge (Chromium-Based) < 141.0.3537.57 Multiple Vulnerabilities (Oct 2025)

Microsoft Edge Chromium-Based is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Fedora: Security Advisory (FEDORA-2025-acc92fcc12)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : chromium (2025-37da05914f)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-37da05914f advisory. Update to 141.0.7390.54 High CVE-2025-11205: Heap buffer overflow in WebGPU High CVE-2025-11206: Heap buffer overflow in Video Medium CVE-2025-11207...

CVE-2024-11216

Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK Pik Online allows Account Footprinting, Session Hijacking. This issue affects Pik Online: before 3.1.5...

CVE-2024-11216

creationtimestamp| type| source ---|---|--- 2025-03-05 13:35:04+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6543 2025-03-05 16:00:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljndxyhel62a 2025-03-05 16:56:41+00:00| seen| https://t.me/cvedetector/19636 2025-03-06...

CVE-2024-11216

Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK Pik Online allows Account Footprinting, Session Hijacking. This issue affects Pik Online: before 3.1.5...

CVE-2024-11216

CVE-2024-11216 affects PozitifIK Pik Online (pre-3.1.5). The vulnerability is an Authorization Bypass Through User-Controlled Key that can enable account footprinting and session hijacking. CVSSv3.1 base score 7.6 (HIGH): Network attack vector, Low attack complexity, privileges required: Low , us...

CVE-2024-11216 Broken Access Control in PozitifIK's Pik Online

Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK Pik Online allows Account Footprinting, Session Hijacking. This issue affects Pik Online: before 3.1.5...

CVE-2024-11216 Broken Access Control in PozitifIK's Pik Online

Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK Pik Online allows Account Footprinting, Session Hijacking. This issue affects Pik Online: before 3.1.5...

Oracle Linux 9 : containernetworking-plugins (ELSA-2024-11216)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-11216 advisory. 1:1.5.1-3 - rebuild to fix CVE-2024-34156 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

CVE-2019-11216

creationtimestamp| type| source ---|---|--- 2024-03-07 10:37:02+00:00| seen| https://t.me/ctinow/202274...