90034 matches found
CVE-2026-11139
Inappropriate implementation in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11137
CVE-2026-11137 is an uninitialized-use flaw in ANGLE within Google Chrome prior to 149.0.7827.53, allowing a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Affected component: ANGLE in Chromium-based Chrome; root cause: uninitialized memor...
CVE-2026-11135
CVE-2026-11135 describes insufficient policy enforcement in Chrome Autofill, allowing a remote attacker to bypass discretionary access control via a crafted HTML page. Affected software is Google Chrome (Chromium) prior to 149.0.7827.53. Root cause: incomplete enforcement of policy in Autofill fu...
CVE-2026-11136
Use after free in Canvas in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11137
Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11135
Insufficient policy enforcement in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11136
CVE-2026-11136: Use-after-free in Canvas in Google Chrome before 149.0.7827.53 allows a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. Affected product: Google Chrome (Canvas component); root cause: use-after-free condition in Canvas handling. Impact: potent...
CVE-2026-11134
CVE-2026-11134 arises from an insufficient data validation issue in the Media component of Google Chrome (Chromium-based) before version 149.0.7827.53. The flaw could allow a remote attacker to leak cross-origin data via a crafted HTML page. The description and connected sources consistently indi...
CVE-2026-11134
Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11134
Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11133
CVE-2026-11133: Affected software is Google Chrome (Chromium-based) prior to 149.0.7827.53. The issue is reported as Insufficient policy enforcement in Paint, enabling a remote attacker to bypass same-origin policy via a crafted HTML page. Root cause is described as insufficient policy enforcemen...
CVE-2026-11133
Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11134
Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11133
Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11130
CVE-2026-11130 affects Google Chrome on all platforms, with a use-after-free in Media that allows remote code execution inside the sandbox via a crafted HTML page. Affects Chrome versions prior to 149.0.7827.53; the vulnerability’s impact is described as high (CVE metrics show CVSSv3.1: AV:N/AC:L...
CVE-2026-11130
Use after free in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11132
Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11131
Use after free in Autofill in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11131
CVE-2026-11131 affects Google Chrome on Android. A use-after-free in Autofill can be triggered in the renderer, potentially allowing a remote attacker who has compromised the renderer process to escape the sandbox via a crafted HTML page. Impact is a sandbox escape with high confidentiality, inte...
CVE-2026-11132
Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...