CVE-2026-11292

A policy bypass flaw was found in the Blink component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502358901...

CVE-2026-11291

A policy bypass flaw was found in the Android Autofill component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502346855...

CVE-2026-11288

A policy bypass flaw was found in the CSS component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502231588...

CVE-2026-11283

A policy bypass flaw was found in the Shortcuts component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502069297...

CVE-2026-11282

A policy bypass flaw was found in the Sandbox component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502023400...

CVE-2026-11264

A policy bypass flaw was found in the Content Security Policy component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=500099106...

CVE-2026-11266

A policy bypass flaw was found in the SafeBrowsing component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=500521311...

CVE-2026-11260

A policy bypass flaw was found in the Permissions component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=499257860...

CVE-2026-11252

A policy bypass flaw was found in the Content Settings component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=498373018...

CVE-2026-11248

A policy bypass flaw was found in the Google Lens component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497946941...

CVE-2026-11206

A policy bypass flaw was found in the ServiceWorker component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=505427216...

CVE-2026-11203

A policy bypass flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=505192638...

CVE-2026-11180

A policy bypass flaw was found in the SVG component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502631225...

CVE-2026-11178

A policy bypass flaw was found in the WebView component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502501810...

CVE-2026-11142

A policy bypass flaw was found in the Paint component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=501668745...

CVE-2026-11139

A policy bypass flaw was found in the Paint component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=501650594...

CVE-2026-11132

A policy bypass flaw was found in the Paint component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=501597365...

CVE-2026-11081

A policy bypass flaw was found in the Canvas component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=500076131...

CVE-2026-34507

OpenClaw before 2026.4.29 contains a policy bypass vulnerability in QQBot admin commands that allows authenticated senders to skip DM-only and allowFrom policy checks. Attackers can route admin commands from unauthorized senders or contexts to execute restricted behavior that policy should have...

CVE-2026-48207

Deserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializer could bypass documented DeserializationPolicy validation hooks during reduce-state restoration and global-name resolution. An application is vulnerable if it deserializes attacker-controlled data using PyFory...