CVE-2026-11035

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a crafted XML file. Chromium security severity: Medium...

CVE-2026-11035

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a crafted XML file. Chromium security severity: Medium...

CVE-2026-11025

Insufficient policy enforcement in Navigation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-11012

Use after free in Serial in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-10932

Use after free in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-10929

Summary (CVE-2026-10929) : A heap buffer overflow in ANGLE used by Google Chrome on Android is exploitable prior to Chrome 149.0.7827.53. If a renderer process is compromised, a remote attacker could potentially escape the sandbox via a crafted HTML page, as described with Chromium severity: High...

CVE-2026-10923

CVE-2026-10923 describes a use-after-free vulnerability in the WebAppInstalls component of Google Chrome on Android, affecting versions prior to 149.0.7827.53. The flaw allows a local attacker to execute arbitrary code by interacting with a malicious file, representing a memory corruption issue w...

CVE-2026-10892

Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-10892

CVE-2026-10892 is an out-of-bounds write in the GPU component of Google Chrome on Android, before version 149.0.7827.53, allowing a remote attacker to potentially escape the sandbox via a crafted HTML page. The issue affects Chrome for Android and is categorized as Critical. Public references sho...

PT-2026-46817

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An integer overflow in WebView allows a local attacker to cause a denial of service by using a malicious file. An integer overflow occurs when an arithmetic operation attempt...

PT-2026-46774

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description Insufficient policy enforcement in CustomTabs allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Recommendations Update to version...

PT-2026-46558

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Drag and Drop feature allows a remote attacker who has compromised the renderer process to potentially perform a sandbox...

PT-2026-46488

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue in the Input component allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free i...

PT-2026-46635

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in the Near Field Communication NFC component allows a remote attacker to perform privilege escalation through the use of a crafted HTML page...

CVE-2025-48648

creationtimestamp| type| source ---|---|--- 2026-06-01 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/android-multiple-vulnerabilities20260602 2026-06-02 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/samsung-products-multiple-vulnerabilities20260603...

EUVD-2026-33672

Nextcloud is an open source content collaboration platform. From version 33.0.0 to before version 33.1.0, after unlocking a locked Android phone the back-button could be used to bypass the Nextcloud Files app PIN. This issue has been patched in version 33.1.0...

CVE-2026-45153

CVE-2026-45153 describes a PIN bypass in Nextcloud on Android. After unlocking a locked device, the back button could be used to bypass the Nextcloud Files app PIN for versions 33.0.0 up to (but not including) 33.1.0. The issue is mitigated by the patch in 33.1.0. The available sources confirm th...

Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from integer overflows in multiple functions within ubsanthrowingruntime.cpp. This vulnerability could lead to remote persistent...

Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from integer overflows in multiple functions within ubsanthrowingruntime.cpp. This vulnerability could lead to remote denial of service...

Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from integer overflows in multiple functions within ubsanthrowingruntime.cpp. This vulnerability could lead to remote denial of service...