246655 matches found
CVE-2026-11077
Bad cast in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11077
CVE-2026-11077 affects Google Chrome (Dawn) and is caused by a bad cast in Dawn that allows a remote attacker to execute arbitrary code inside Chrome’s sandbox via a crafted HTML page. Affected version range is before 149.0.7827.53; the vulnerability is fixed in that release. The CVSS/metrics ind...
CVE-2026-11076
Type Confusion in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11077
Bad cast in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11074
Use after free in WebRTC in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11074
Use after free in WebRTC in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11068
Use after free in WebSockets in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11068
Summary: CVE-2026-11068 is a use-after-free in Chrome’s WebSockets implementation that could allow remote code execution inside a sandbox. The issue affects Google Chrome builds prior to version 149.0.7827.53. The vulnerability description across multiple sources aligns on the same root cause and...
CVE-2026-11068
Use after free in WebSockets in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11060
Use after free in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11060
CVE-2026-11060 corresponds to a use-after-free in the Media component of Google Chrome on Windows, prior to version 149.0.7827.53. The underlying issue can allow a remote attacker to execute arbitrary code within the Chrome sandbox via a crafted HTML page. The vulnerability is tied to Chromium co...
CVE-2026-11060
Use after free in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11059
The vulnerability CVE-2026-11059 affects Google Chrome’s Blink engine, with a use-after-free in Blink that could allow remote code execution inside the sandbox via a crafted HTML page. Affected are Chrome builds prior to 149.0.7827.53; remediation is to update to 149.0.7827.53 or newer (per Chrom...
CVE-2026-11059
Use after free in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11059
Use after free in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11054
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11054
The CVE-2026-11054 entry covers a Use-After-Free in WebRTC for Google Chrome, prior to version 149.0.7827.53. The vulnerability could allow a remote attacker to execute arbitrary code inside Chrome’s sandbox via a crafted HTML page, with impact on confidentiality, integrity, and availability (hig...
CVE-2026-11055
CVE-2026-11055 concerns Google Chrome on Windows, where a use-after-free in ANGLE can be triggered by a crafted HTML page. The vulnerability allows a remote attacker to execute arbitrary code within the browser sandbox. Affected versions are Chrome prior to 149.0.7827.53 . There is no explicit ex...
CVE-2026-11054
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11055
Use after free in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...