CVE-2026-11129

This CVE concerns Google Chrome Extensions with an inappropriate implementation in Chrome prior to 149.0.7827.53. The issue allows a remote attacker to leak cross-origin data through a crafted HTML page, as described (Chromium security severity: Medium). Affected product: Chrome (Extensions compo...

Chromium: CVE-2025-12431 Inappropriate implementation in Extensions

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Microsoft Edge 安全漏洞

Microsoft Edge is a web browser from Microsoft Corporation USA that comes with systems after Windows 10. A security vulnerability exists in Microsoft Edge that stems from an improper implementation in an extension...

CVE-2011-3956

The extension implementation in Google Chrome before 17.0.963.46 does not properly handle sandboxed origins, which might allow remote attackers to bypass the Same Origin Policy via a crafted extension...

Design/Logic Flaw

The extension implementation in Google Chrome before 17.0.963.46 does not properly handle sandboxed origins, which might allow remote attackers to bypass the Same Origin Policy via a crafted extension...