DEBIAN-CVE-2026-11212

Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Medium...

DEBIAN-CVE-2026-11159

Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-9935

Summary (CVE-2026-9935): Uninitialized Use in ANGLE affects Google Chrome’s ANGLE component, prior to version 148.0.7778.216. The root cause is an uninitialized use flaw in ANGLE, allowing a remote attacker to leak cross-origin data through a crafted HTML page. The CVSSv3.1 vector (AV:N/AC:L/PR:N...

CVE-2026-7945

Insufficient validation of untrusted input in COOP in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2026-5283

Inappropriate implementation in ANGLE in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

Linux Distros Unpatched Vulnerability : CVE-2022-0108

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2024-0804

Insufficient policy enforcement in iOS Security UI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2018-18352

Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a crafted HTML page...

SUSE CVE-2020-6400

Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

SUSE CVE-2021-38019

Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

Google Chrome Cross-Origin Data Leakage Vulnerability

Chrome is a web browsing tool developed by Google. A cross-origin data leakage vulnerability exists in Google Chrome versions prior to 72.0.3626.81. The vulnerability stems from an improper implementation of JavaScript in Chrome. A remote attacker can exploit the vulnerability to leak cross-origi...