22 matches found
CVE-2026-10952
An use after free flaw was found in the Chrome for iOS component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=505231370...
EUVD-2026-34754
Use after free in Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-34433
Inappropriate implementation in Accessibility in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...
EUVD-2026-34401
Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-11150
Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11129
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-10943
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-11301
Inappropriate implementation in LiveCaption in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via malicious network traffic. Chromium security severity: Low...
CVE-2026-11289
Affected software: Google Chrome (Chromium); component: Paint. Vulnerable until Chrome version 149.0.7827.53. Issue: side-channel information leakage allowing a remote attacker to exfiltrate cross-origin data via a crafted HTML page. Root cause details are not explicitly stated in the provided do...
CVE-2026-11257
Inappropriate implementation in Browser in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11248
Inappropriate implementation in Google Lens in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11221
Insufficient validation of untrusted input in PointerLock in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11122
Inappropriate implementation in Keyboard in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11116
This CVE (CVE-2026-11116) affects Chromoting in Google Chrome before version 149.0.7827.53. The underlying issue is a use-after-free defect in Chromoting, allowing a remote attacker to execute arbitrary code via malicious network traffic. The Microsoft/MSRC and EU/national advisories align on the...
CVE-2026-11084
CVE-2026-11084 affects Google Chrome’s Password Manager. The issue is described as an inappropriate implementation allowing a remote attacker to leak cross-origin data through a crafted HTML page. Affected version range is Chrome prior to 149.0.7827.53. The vulnerability is tied to a Chromium sec...
CVE-2026-11054
The CVE-2026-11054 entry covers a Use-After-Free in WebRTC for Google Chrome, prior to version 149.0.7827.53. The vulnerability could allow a remote attacker to execute arbitrary code inside Chrome’s sandbox via a crafted HTML page, with impact on confidentiality, integrity, and availability (hig...
CVE-2026-11047
Inappropriate implementation in Base in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11000
Use after free in Fonts in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
PT-2026-46788
Inappropriate implementation in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of ANGLE components after their release, which could allow remote attackers to execute arbitrary code...