2029 matches found
CVE-2026-11189
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-11189
CVE-2026-11189 affects Google Chrome DevTools; the root cause is insufficient validation of untrusted input in DevTools, allowing a crafted Chrome Extension to bypass navigation restrictions. Affected software is Chrome with DevTools prior to 149.0.7827.53. Remediation: update Chrome to 149.0.782...
CVE-2026-11126
Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-11126
CVE-2026-11126 : Concrete details show an issue in Chromium-based Chrome DevTools. An attacker could leak cross-origin data by convincing a user to install a malicious Chrome extension. Affected software/version: Google Chrome/Chromium prior to 149.0.7827.53. The Debian advisory fixes this in chr...
CVE-2026-11126
Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-11126
Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-11092
Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-11092
Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-11092
Summary of CVE-2026-11092 : Google Chrome’s DevTools policy enforcement is insufficient before version 149.0.7827.53. An attacker could persuade a user to install a crafted (malicious) Chrome Extension to execute privilege escalation. Affected software: Chrome with DevTools; trigger requires user...
CVE-2026-11092
Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-11022
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11022
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11022
CVE-2026-11022 affects Google Chrome/Chromium prior to 149.0.7827.53 with insufficient validation of untrusted input in DevTools, enabling a remote attacker who has compromised the renderer to bypass same-origin policy via a crafted HTML page. Debian advisories (DSA-6325) confirm fixes in chromiu...
CVE-2026-11022
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-10980
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-10980
CVE-2026-10980 : In Google Chrome, the DevTools component had insufficient validation of untrusted input, allowing a remote attacker who had compromised the renderer process to bypass the same-origin policy via a crafted HTML page. This stems from a Chromium-level input-validation issue and could...
CVE-2026-10980
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-10980
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-10965
CVE-2026-10965 is an integer overflow in Google Chrome’s DevTools prior to 149.0.7827.53. The issue allows a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Affected software: Chrome (DevTools). Root cause: integer overflow in DevTools as described in multiple ...
CVE-2026-10965
Integer overflow in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...