Lucene search
K

8079 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/04 11:5 p.m.6 views

CVE-2026-11149

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

7.5CVSS5.8AI score0.00221EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.29 views

CVE-2026-11149

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

0.00221EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:5 p.m.7 views

CVE-2026-11149

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

7.5CVSS5.5AI score0.00221EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/04 11:5 p.m.8 views

CVE-2026-11143

Out of bounds read in Extensions in Google Chrome on Linux prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. Chromium security severity: Medium...

5.5AI score0.00175EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:5 p.m.17 views

CVE-2026-11143

CVE-2026-11143 concerns Google Chrome on Linux prior to 149.0.7827.53, where an issue in the Extensions component (described variously as a heap/buffer issue and an out-of-bounds read) could allow an attacker who persuades a user to install a malicious extension to extract potentially sensitive d...

6.5CVSS5.8AI score0.00175EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.30 views

CVE-2026-11143

Out of bounds read in Extensions in Google Chrome on Linux prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. Chromium security severity: Medium...

0.00175EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:5 p.m.7 views

CVE-2026-11143

Out of bounds read in Extensions in Google Chrome on Linux prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. Chromium security severity: Medium...

6.5CVSS5.4AI score0.00175EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/04 11:5 p.m.9 views

CVE-2026-11129

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00176EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.30 views

CVE-2026-11129

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.00176EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:5 p.m.7 views

CVE-2026-11129

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00176EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/04 11:4 p.m.7 views

CVE-2026-11062

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: Medium...

5.4AI score0.00135EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:4 p.m.19 views

CVE-2026-11062

CVE-2026-11062 affects Google Chrome extensions: insufficient policy enforcement in Extensions allows an attacker to inject scripts/HTML into a privileged page when a user installs a crafted malicious extension. Impact is partial integrity compromise of privileged pages; exploit not confirmed in ...

4.3CVSS5.8AI score0.00135EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/04 11:4 p.m.32 views

CVE-2026-11062

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: Medium...

0.00135EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:4 p.m.7 views

CVE-2026-11062

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: Medium...

4.3CVSS5.4AI score0.00135EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/04 11:4 p.m.34 views

CVE-2026-11048

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: Medium...

0.00158EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:4 p.m.9 views

CVE-2026-11048

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: Medium...

6.5CVSS5.4AI score0.00158EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/04 11:4 p.m.7 views

CVE-2026-11020

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted XML file. Chromium security severity: Medium...

5.5AI score0.00221EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 11:4 p.m.34 views

CVE-2026-11020

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted XML file. Chromium security severity: Medium...

0.00221EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:4 p.m.8 views

CVE-2026-11020

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted XML file. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00221EPSS
Exploits0
CVE
CVE
added 2026/06/04 11:4 p.m.18 views

CVE-2026-11014

CVE-2026-11014 is a Chromium/Google Chrome issue described across connected advisories as: Insufficient policy enforcement in Extensions that could let an attacker bypass site isolation when a user is convinced to install a malicious extension. Affected products/versions referenced in the documen...

6.5CVSS5.7AI score0.00214EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder