Lucene search
K

524 matches found

NVD
NVD
added 2026/06/04 11:17 p.m.7 views

CVE-2026-11133

Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00202EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.7 views

DEBIAN-CVE-2026-11069

Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00209EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 11:17 p.m.9 views

CVE-2026-11036

Inappropriate implementation in DOM in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00165EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.4 views

DEBIAN-CVE-2026-11016

Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.0028EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 11:16 p.m.8 views

CVE-2026-10937

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

8.1CVSS0.00273EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 11:5 p.m.8 views

CVE-2026-11246

Insufficient validation of untrusted input in IndexedDB in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.5AI score0.00202EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:5 p.m.44 views

CVE-2026-11244

The CVE-2026-11244 entry concerns Google Chrome’s WebAuthentication input validation. Affected component: WebAuthentication in Chrome (prior to 149.0.7827.53). Root cause: insufficient validation of untrusted input, enabling a remote attacker who compromised a renderer process to bypass the same-...

3.1CVSS5.8AI score0.00207EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.34 views

CVE-2026-11233

Insufficient policy enforcement in FoldableAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

0.00177EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 11:5 p.m.8 views

CVE-2026-11197

Insufficient policy enforcement in Workers in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00201EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.32 views

CVE-2026-11181

Inappropriate implementation in Media Session in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

0.00137EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:5 p.m.20 views

CVE-2026-11181

The CVE-2026-11181 case concerns Google Chrome’s Media Session implementation, where an inappropriate implementation allowed a remote attacker to bypass the same-origin policy via a crafted HTML page. Affected: Google Chrome prior to version 149.0.7827.53. Severity is stated as Medium. The descri...

6.3CVSS5.8AI score0.00137EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/04 11:5 p.m.9 views

CVE-2026-11142

Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00201EPSS
Exploits0
CVE
CVE
added 2026/06/04 11:5 p.m.21 views

CVE-2026-11142

CVE-2026-11142 affects Google Chrome (Chromium-based) via insufficient policy enforcement in Paint, allowing a remote attacker to bypass the same-origin policy through a crafted HTML page. The issue originates in Chromium/Paint handling and is associated with a fix in Chrome’s 149.0.7827.53 timef...

6.5CVSS5.8AI score0.00201EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/04 11:5 p.m.8 views

CVE-2026-11132

Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00202EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:4 p.m.9 views

CVE-2026-11081

Inappropriate implementation in Canvas in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00165EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/04 11:4 p.m.8 views

CVE-2026-11069

Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00209EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 11:4 p.m.9 views

CVE-2026-11036

Inappropriate implementation in DOM in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00165EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:4 p.m.18 views

CVE-2026-11023

The CVE-2026-11023 issue affects Google Chrome prior to 149.0.7827.53 and is caused by an inappropriate implementation in the WebAppInstalls component. The vulnerability could allow a remote attacker who has compromised the renderer process to bypass the same-origin policy via a crafted HTML page...

6.5CVSS5.8AI score0.00225EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/04 11:3 p.m.8 views

CVE-2026-10937

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

8.1CVSS5.5AI score0.00273EPSS
Exploits0
CVE
CVE
added 2026/06/04 11:3 p.m.15 views

CVE-2026-10922

CVE-2026-10922 affects Google Chrome’s DevTools prior to 149.0.7827.53. The issue is caused by insufficient validation of untrusted input, allowing a remote attacker to bypass the same-origin policy when a user is induced to perform specific UI gestures in the context of malicious network traffic...

8.8CVSS5.8AI score0.00303EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder