Chromium: CVE-2026-11648 Use after free in FullScreen

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-11648

An use after free flaw was found in the FullScreen component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=506684534...

CVE-2026-11648

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2026-11648

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-11648

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

PT-2026-47474

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description A use after free issue exists in FullScreen on Windows, which could allow a remote attacker to potentially exploit heap corruption through a crafted HTML page. Use after free is a...

OPENSUSE-SU-2026:20916-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - Chromium 149 149.0.7827.53 stable boo1267706: CVE-2026-10881: Out of bounds read and write in ANGLE CVE-2026-10882: Use after free in Network CVE-2026-10883: Out of bounds write in ANGLE CVE-2026-10884: Use after free in...

SUSE CVE-2026-10908

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-10908

An use after free flaw was found in the FullScreen component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=505045913...

EUVD-2026-34357

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Linux Distros Unpatched Vulnerability : CVE-2026-10908

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentiall...

CVE-2026-10908

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

PT-2026-46437

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in FullScreen on Windows. This allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape by using a...

Astra Linux - уязвимость в thunderbird, firefox

A website could have obscured the full-screen notification by using a URL that was processed by an external program, such as a mailto URL. This could have caused confusion among users and potentially led to spoofing attacks. This vulnerability affects Firefox 116, Firefox ESR 115.2, and Thunderbi...

Astra Linux - уязвимость в chromium

The incorrect security UI in full screen in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to spoof the security UI through a crafted HTML page. Chromium security severity: Medium...

Astra Linux - уязвимость в firefox

A website can prevent a user from exiting full-screen mode through alerts and prompts. This can lead to user confusion and potential spoofing attacks. This vulnerability affects Firefox versions earlier than 115...

Astra Linux - уязвимость в thunderbird, firefox

A website could have obscured the full-screen notification by using the file open dialog. This could have caused confusion among users and potentially led to spoofing attacks. This vulnerability affects Firefox 116, Firefox ESR 115.2, and Thunderbird 115.2...

Astra Linux – Vulnerability in Chromium

The inappropriate implementation in full-screen mode in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox URL bar through a crafted HTML page...

WordPress Full Screen Background plugin <= 2.0.2 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Full Screen Background versions = 2.0.2...

Aether Smart Contract Security Analysis Framework 5.0.2

Aether is a Python-based framework for analyzing Solidity smart contracts, generating vulnerability findings, producing Foundry-based proof-of-concept PoC tests, and validating exploits on mainnet forks. It combines Solidity AST parsing, taint analysis, control flow graph analysis, cross-contract...