89964 matches found
CVE-2026-11270
CVE-2026-11270 affects Google Chrome on Android, where an inappropriate UI implementation allows a remote attacker to leak cross-origin data via a crafted HTML page. The issue is tied to Chrome/Chromium UI handling prior to version 149.0.7827.53. Impact is confined to cross-origin data leakage; n...
CVE-2026-11268
Uninitialized Use in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11268
Uninitialized Use in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11268
CVE-2026-11268 affects ANGLE in Google Chrome on Windows, with an uninitialized use that allows a remote attacker to leak cross-origin data via a crafted HTML page. The description indicates the issue exists in Chrome builds prior to version 149.0.7827.53, implying the fix is included in 149.0.78...
CVE-2026-11265
Inappropriate implementation in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11265
Inappropriate implementation in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11265
Inappropriate implementation in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11264
Policy bypass in Content Security Policy in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11264
Policy bypass in Content Security Policy in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11263
CVE-2026-11263 involves insufficient policy enforcement in WebAuthentication for Google Chrome on Android. The issue allows a remote attacker who has compromised the renderer process to leak cross-origin data via a crafted HTML page. Affected software is Chrome on Android prior to version 149.0.7...
CVE-2026-11263
Insufficient policy enforcement in WebAuthentication in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11263
Insufficient policy enforcement in WebAuthentication in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11262
Use after free in TabStrip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11260
Inappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11260
Inappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11261
Inappropriate implementation in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11261
Google Chrome is affected by CVE-2026-11261 due to an inappropriate implementation in the PDF handling within Chromium before version 149.0.7827.53. A remote attacker who has already compromised the renderer process could trigger UI spoofing by serving a crafted HTML page. The reported impact is ...
CVE-2026-11262
Use-after-free in TabStrip of Google Chrome before 149.0.7827.53 allows a remote attacker to execute arbitrary code via a crafted HTML page. Affected product: Google Chrome (Chromium-based); vulnerable component: TabStrip; root cause: use-after-free in TabStrip handling. CVSS v3.1 metrics indicat...
CVE-2026-11262
Use after free in TabStrip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11261
Inappropriate implementation in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...