Chromium: CVE-2026-11172 Incorrect security UI in Contact Picker

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

DEBIAN-CVE-2026-11656

Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: High...

CVE-2026-11649

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-11208

An use after free flaw was found in the Codecs component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=506387278...

CVE-2026-11174

An insufficient policy enforcement flaw was found in the Site Isolation component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502348223...

CVE-2026-11028

An use after free flaw was found in the Media component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497627277...

SUSE CVE-2026-11118

Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2026-11155

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-10997

An insufficient policy enforcement flaw was found in the Extensions component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=464217867...

SUSE CVE-2026-11194

Inappropriate implementation in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2026-11195

Inappropriate implementation in MHTML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

Chromium: CVE-2026-11037 Out of bounds write in Codecs

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-11257 Inappropriate implementation in Browser

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

EUVD-2026-34436

Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

EUVD-2026-34426

Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

Linux Distros Unpatched Vulnerability : CVE-2026-11285

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTM...

Linux Distros Unpatched Vulnerability : CVE-2026-11273

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specif...

Linux Distros Unpatched Vulnerability : CVE-2026-10894

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Printing in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially...

Linux Distros Unpatched Vulnerability : CVE-2026-10903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

Linux Distros Unpatched Vulnerability : CVE-2026-11064

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via ...