72197 matches found
CVE-2026-11022
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11016
CVE-2026-11016: Insufficient validation of untrusted input in Network in Google Chrome (Chromium-based) prior to 149.0.7827.53 allows a renderer-compromised attacker to bypass the same-origin policy via a crafted HTML page. Publicly referenced disclosures include Debian/openSUSE advisories and Ch...
CVE-2026-11016
Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11013
Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11013
Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11008
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11008
CVE-2026-11008 affects Google Chrome/Chromium WebAppInstalls, with root cause Insufficient validation of untrusted input in WebAppInstalls. The vulnerability enables a remote attacker, who already compromised the renderer, to leak cross-origin data via a crafted HTML page. Affected product is Chr...
CVE-2026-11008
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11007
CVE-2026-11007 describes a vulnerability in WebView for Google Chrome on Android, where insufficient validation of untrusted input in WebView prior to 149.0.7827.53 enabled a renderer-compromised attacker to leak cross-origin data via a crafted HTML page. The connected Debian/OpenSUSE advisories ...
CVE-2026-11007
Insufficient validation of untrusted input in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11007
Insufficient validation of untrusted input in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-10983
Insufficient validation of untrusted input in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10983
Insufficient validation of untrusted input in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10983
CVE-2026-10983 affects Dawn in Google Chrome. The issue is insufficient validation of untrusted input, enabling a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Affected versions are prior to 149.0.7827.53. The provided documents do not specify exploitation statu...
CVE-2026-10981
Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted video file. Chromium security severity: High...
CVE-2026-10980
CVE-2026-10980 : In Google Chrome, the DevTools component had insufficient validation of untrusted input, allowing a remote attacker who had compromised the renderer process to bypass the same-origin policy via a crafted HTML page. This stems from a Chromium-level input-validation issue and could...
CVE-2026-10980
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-10981
Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted video file. Chromium security severity: High...
CVE-2026-10981
Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted video file. Chromium security severity: High...
CVE-2026-10974
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...