72197 matches found
CVE-2026-11079
CVE-2026-11079 concerns Google Chrome’s Codecs. The issue is caused by insufficient validation of untrusted input in codecs, enabling a remote attacker to trigger an out-of-bounds memory write via a crafted video file. Affected product: Google Chrome (before 149.0.7827.53). The impact, as describ...
CVE-2026-11070
CVE-2026-11070 affects Chromoting in Google Chrome on Windows, where insufficient validation of untrusted input could allow a sandbox escape via malicious network traffic, if an attacker compromised the network process. The vulnerability is triggered by untrusted network data in Chromoting prior ...
CVE-2026-11069
Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11069
CVE-2026-11069 concerns Google Chrome prior to 149.0.7827.53, where cast-related input validation on untrusted data is insufficient. The underlying issue permits a remote attacker to bypass the same-origin policy via a crafted HTML page, with the impact described as Medium. The vulnerability affe...
CVE-2026-11069
Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11066
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11066
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11066
The CVE-2026-11066 entry concerns Insufficient validation of untrusted input in ANGLE used by Google Chrome. Affected: ANGLE component within Chrome (pre-149.0.7827.53). Impact: allows a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Underlying cause: insufficien...
CVE-2026-11063
Insufficient validation of untrusted input in WebNN in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11063
Insufficient validation of untrusted input in WebNN in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11056
Insufficient validation of untrusted input in SiteIsolation in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11046
Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11045
Insufficient validation of untrusted input in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11034
The CVE-2026-11034 entry affects Google Chrome on Android, specifically the Tab Group Sync feature. The issue is insufficient validation of untrusted input, allowing a remote attacker to inject arbitrary scripts or HTML (UXSS) via malicious network traffic. Affects Chrome versions before 149.0.78...
CVE-2026-11034
Insufficient validation of untrusted input in Tab Group Sync in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via malicious network traffic. Chromium security severity: Medium...
CVE-2026-11031
CVE-2026-11031 affects Google Chrome’s Password Manager. The issue is insufficient validation of untrusted input, enabling a remote attacker to trigger UI spoofing via malicious network traffic. Affects Chrome versions prior to 149.0.7827.53 (Chromium security severity: Medium). CVSS v3.1: Base s...
CVE-2026-11029
CVE-2026-11029 affects Google Chrome for Android prior to 149.0.7827.53. The issue is caused by insufficient validation of untrusted input in the Drag and Drop path, which could allow a renderer process that’s already been compromised to potentially escape the browser sandbox via a crafted HTML p...
CVE-2026-11027
Insufficient validation of untrusted input in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11027
Insufficient validation of untrusted input in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11022
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...