90034 matches found
CVE-2026-11132
Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11128
Summary of CVE-2026-11128 : In Google Chrome (Chromium-based) before 149.0.7827.53, an inappropriate Web Share implementation could leak cross-origin data when a user performed specific UI gestures on a crafted HTML page. This is rooted in Chromium’s Web Share handling and is addressed in Chromiu...
CVE-2026-11129
This CVE concerns Google Chrome Extensions with an inappropriate implementation in Chrome prior to 149.0.7827.53. The issue allows a remote attacker to leak cross-origin data through a crafted HTML page, as described (Chromium security severity: Medium). Affected product: Chrome (Extensions compo...
CVE-2026-11129
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11128
Inappropriate implementation in Web Share in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11129
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11128
Inappropriate implementation in Web Share in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11125
Use after free in Compositing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11124
Integer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11123
Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11123
CVE-2026-11123 concerns an Uninitialized Use in ANGLE within Google Chrome/Chromium prior to version 149.0.7827.53. The issue could allow a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page (impact: information disclosure). Connected documents...
CVE-2026-11124
Integer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11121
Insufficient validation of untrusted input in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11122
Inappropriate implementation in Keyboard in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11122
Inappropriate implementation in Keyboard in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11122
Inappropriate implementation in Keyboard in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11120
Insufficient validation of untrusted input in Enterprise Reporting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11119
Inappropriate implementation in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11119
CVE-2026-11119 involves an insecure GPU implementation in Google Chrome on Android up to version before 149.0.7827.53, where a remote attacker who has already compromised the renderer process could potentially perform a sandbox escape via a crafted HTML page. The connected documents reiterate the...
CVE-2026-11118
CVE-2026-11118 : This vulnerability describes a use-after-free in WebRTC in Google Chrome prior to 149.0.7827.53. Exploitation via a crafted HTML page could allow a remote attacker to execute arbitrary code inside the Chrome sandbox. The issue, reported with Chromium as the underlying engine, is ...