6 matches found
EUVD-2026-34594
Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11289
Side-channel information leakage in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11133
Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11289
Affected software: Google Chrome (Chromium); component: Paint. Vulnerable until Chrome version 149.0.7827.53. Issue: side-channel information leakage allowing a remote attacker to exfiltrate cross-origin data via a crafted HTML page. Root cause details are not explicitly stated in the provided do...
CVE-2026-11142
Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
PT-2026-46666
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Paint allows a remote attacker to leak cross-origin data, which is information from a different origin than the one that initiated the request, by usi...