16604 matches found
CVE-2026-11040
Summary : CVE-2026-11040 describes a use-after-free in ANGLE used by Google Chrome/Chromium prior to 149.0.7827.53. If a renderer process is compromised, an attacker could potentially escape the sandbox by loading a crafted HTML page. The vulnerability is categorized with a Chromium security seve...
CVE-2026-11041
Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11041
Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11040
Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11040
Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11040
Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11041
Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11041
CVE-2026-11041 affects Google Chrome on Windows and involves insufficient validation of untrusted input in Media, allowing a sandbox escape if a renderer process is compromised. A crafted HTML page could trigger the escape. The vulnerability is tied to Chrome versions prior to 149.0.7827.53; the ...
CVE-2026-11037
Out of bounds write in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...
CVE-2026-11037
Out of bounds write in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...
CVE-2026-11037
CVE-2026-11037 describes an out-of-bounds write in Chrome’s Codecs component, affecting Google Chrome before version 149.0.7827.53. The issue could allow a remote attacker to potentially achieve a sandbox escape via a crafted video file. Chromium/Chrome lists the vulnerability with a Chromium sec...
CVE-2026-11037
Out of bounds write in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...
CVE-2026-11029
Insufficient validation of untrusted input in Drag and Drop in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11029
Insufficient validation of untrusted input in Drag and Drop in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11029
CVE-2026-11029 affects Google Chrome for Android prior to 149.0.7827.53. The issue is caused by insufficient validation of untrusted input in the Drag and Drop path, which could allow a renderer process that’s already been compromised to potentially escape the browser sandbox via a crafted HTML p...
CVE-2026-11029
Insufficient validation of untrusted input in Drag and Drop in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11021
Insufficient validation of untrusted input in GPU in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11021
Insufficient validation of untrusted input in GPU in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11021
Insufficient validation of untrusted input in GPU in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11021
CVE-2026-11021 : Concrete details across connected docs show that in Google Chrome on Windows prior to 149.0.7827.53, the GPU component suffers from insufficient validation of untrusted input, potentially enabling a remote attacker who has compromised the renderer process to escape the sandbox vi...