305 matches found
Chromium: CVE-2026-11206 Policy bypass in ServiceWorker
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
EUVD-2026-34667
Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-34662
Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...
Linux Distros Unpatched Vulnerability : CVE-2026-11201
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute...
CVE-2026-11206
Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2026-11206
Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11206
Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11206
This CVE concerns Google Chrome’s ServiceWorker: insufficient policy enforcement allows a remote attacker to leak cross-origin data via a crafted HTML page. Vulnerable are Chrome versions prior to 149.0.7827.53; the issue’s impact is cross-origin data disclosure with a network attacker, requiring...
CVE-2026-11206
Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11201
Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-11201
Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-11201
Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-11201
Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...
PT-2026-46727
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in the ServiceWorker component. This occurs when a user is convinced to install a malicious extension, allowing an attacker to execute arbitrary code throu...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a resource management vulnerability. This vulnerability stemmed from the reuse of resources after they were released by ServiceWorker, which could allow attackers to execute arbitrary code...
PT-2026-46732
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in ServiceWorker allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. ServiceWorker is a script that the browser ru...
CVE-2026-9116
An insufficient policy enforcement flaw was found in the ServiceWorker component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497436273...
Linux Distros Unpatched Vulnerability : CVE-2022-45410
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect...
Chromium: CVE-2026-9116 Insufficient policy enforcement in ServiceWorker
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Linux Distros Unpatched Vulnerability : CVE-2026-9116
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in ServiceWorker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to leak cross-origin data via a crafted...