Chromium: CVE-2026-11197 Insufficient policy enforcement in Workers

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-11197

CVE-2026-11197 affects Google Chrome: insufficient policy enforcement in Workers allows a remote attacker who has compromised the renderer to bypass the same-origin policy via a crafted HTML page, prior to version 149.0.7827.53 . Documented impact is a Medium severity; exploitation status is not ...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in Workers, allowing remote attackers who have compromised rendering processes to bypass the...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.55 contained a security vulnerability due to a bypass of the ServiceWorkers policy. This vulnerability could allow remote attackers to bypass content security policies through specially crafted...

AlmaLinux 10 : firefox (ALSA-2025:21281)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:21281 advisory. firefox: Mitigation bypass in the DOM: Security component CVE-2025-13018 firefox: Use-after-free in the Audio/Video component CVE-2025-13014 firefox:...

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update Mozilla Thunderbird to version 140.5 bsc1253188 CVE-2025-13012: Race condition in the Graphics component. CVE-2025-13016: Incorrect boundary conditions in the JavaScript: WebAssembly component. CVE-2025-13017: Same-origin polic...