72196 matches found
CVE-2026-11189
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-11189
CVE-2026-11189 affects Google Chrome DevTools; the root cause is insufficient validation of untrusted input in DevTools, allowing a crafted Chrome Extension to bypass navigation restrictions. Affected software is Chrome with DevTools prior to 149.0.7827.53. Remediation: update Chrome to 149.0.782...
CVE-2026-11149
The CVE-2026-11149 entry concerns Google Chrome Extensions with insufficient validation of untrusted input, enabling privilege escalation when a renderer process is compromised. Affected software: Google Chrome prior to version 149.0.7827.53. Root cause: untrusted input validation in Extensions. ...
CVE-2026-11146
Insufficient validation of untrusted input in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11146
Insufficient validation of untrusted input in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11121
Insufficient validation of untrusted input in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11121
Insufficient validation of untrusted input in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11121
Insufficient validation of untrusted input in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11121
CVE-2026-11121 — Summary Affects Chromium-based browsers (notably Google Chrome) due to insufficient validation of untrusted input in Skia. The issue allows a remote attacker who has already compromised the renderer process to leak cross-origin data via a crafted HTML page. In practice, this is t...
CVE-2026-11120
Insufficient validation of untrusted input in Enterprise Reporting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11120
Insufficient validation of untrusted input in Enterprise Reporting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11113
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11112
Insufficient validation of untrusted input in Chromoting in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-11105
This CVE describesInsufficient validation of untrusted input in WebUI in Google Chrome prior to 149.0.7827.53. A remote attacker that already compromised the renderer process could leak cross-origin data through a crafted HTML page. Affected software is Google Chrome (WebUI component); impact is ...
CVE-2026-11105
Insufficient validation of untrusted input in WebUI in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11105
Insufficient validation of untrusted input in WebUI in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11098
Insufficient validation of untrusted input in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11098
Insufficient validation of untrusted input in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11095
Technical details about CVE-2026-11095 are not publicly available in the provided documents. Monitor for updates from CVE/NVD and EUVD sources for affected products, versions, and remediation.
CVE-2026-11079
CVE-2026-11079 concerns Google Chrome’s Codecs. The issue is caused by insufficient validation of untrusted input in codecs, enabling a remote attacker to trigger an out-of-bounds memory write via a crafted video file. Affected product: Google Chrome (before 149.0.7827.53). The impact, as describ...