89997 matches found
CVE-2026-11249
Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11249
Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11249
The CVE-2026-11249 entry describes a use-after-free in the Network component of Google Chrome affecting versions prior to 149.0.7827.53 . A remote attacker who has already compromised the renderer process could craft an HTML page to read potentially sensitive data from process memory. The connect...
CVE-2026-11247
Insufficient policy enforcement in CustomTabs in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11248
Inappropriate implementation in Google Lens in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11248
Inappropriate implementation in Google Lens in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11247
Insufficient policy enforcement in CustomTabs in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11244
Insufficient validation of untrusted input in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11245
Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11244
Insufficient validation of untrusted input in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11245
Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11245
Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11244
Insufficient validation of untrusted input in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11242
Insufficient validation of untrusted input in Plugins in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11243
Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11243
Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11242
Insufficient validation of untrusted input in Plugins in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11243
Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11242
The CVE refers to Google Chrome before version 149.0.7827.53, where insufficient validation of untrusted input in Plugins could allow a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. The vulnerability is tied to the Plugins component; i...
CVE-2026-11243
Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...