366550 matches found
CVE-2026-11128
Summary of CVE-2026-11128 : In Google Chrome (Chromium-based) before 149.0.7827.53, an inappropriate Web Share implementation could leak cross-origin data when a user performed specific UI gestures on a crafted HTML page. This is rooted in Chromium’s Web Share handling and is addressed in Chromiu...
CVE-2026-11125
CVE-2026-11125 : A use-after-free in Chrome’s Compositing path allows a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. Affected software is Google Chrome (Chromium-based); the underlying issue is a use-after-free in the Compositing component. Impact is a rem...
CVE-2026-11126
CVE-2026-11126 : Concrete details show an issue in Chromium-based Chrome DevTools. An attacker could leak cross-origin data by convincing a user to install a malicious Chrome extension. Affected software/version: Google Chrome/Chromium prior to 149.0.7827.53. The Debian advisory fixes this in chr...
CVE-2026-11127
CVE-2026-11127 involves an inappropriate implementation in the WebAPKs component of Google Chrome/Chromium. The issue, described as a domain spoofing vulnerability via a crafted WebAPK, affects Chrome/Chromium builds prior to version 149.0.7827.53 (on Android for WebAPKs; Debian mentions multiple...
CVE-2026-11124
CVE-2026-11124 is a heap buffer overflow in Skia used by Chromium/Google Chrome prior to version 149.0.7827.53. According to connected advisories, a remote attacker could exploit this via a crafted HTML page to potentially achieve arbitrary code execution or heap corruption. Mitigations are provi...
CVE-2026-11123
CVE-2026-11123 concerns an Uninitialized Use in ANGLE within Google Chrome/Chromium prior to version 149.0.7827.53. The issue could allow a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page (impact: information disclosure). Connected documents...
CVE-2026-11122
CVE-2026-11122 affects Google Chrome (Chromium) before 149.0.7827.53. The issue is an Inappropriate implementation in Keyboard, enabling a remote attacker to inject arbitrary scripts/HTML (UXSS) via a crafted HTML page. Affected product/versions include Chrome/Chromium across platforms; Debian ad...
CVE-2026-11121
CVE-2026-11121 — Summary Affects Chromium-based browsers (notably Google Chrome) due to insufficient validation of untrusted input in Skia. The issue allows a remote attacker who has already compromised the renderer process to leak cross-origin data via a crafted HTML page. In practice, this is t...
CVE-2026-11120
Chromium-based Google Chrome Enterprise Reporting is affected by CVE-2026-11120: insufficient validation of untrusted input in Enterprise Reporting could allow a remote attacker who has compromised the renderer process to perform a sandbox escape via a crafted HTML page. Affected versions are Chr...
CVE-2026-11118
CVE-2026-11118 : This vulnerability describes a use-after-free in WebRTC in Google Chrome prior to 149.0.7827.53. Exploitation via a crafted HTML page could allow a remote attacker to execute arbitrary code inside the Chrome sandbox. The issue, reported with Chromium as the underlying engine, is ...
CVE-2026-11119
CVE-2026-11119 involves an insecure GPU implementation in Google Chrome on Android up to version before 149.0.7827.53, where a remote attacker who has already compromised the renderer process could potentially perform a sandbox escape via a crafted HTML page. The connected documents reiterate the...
CVE-2026-11117
CVE-2026-11117 is a use-after-free in the Views component of Google Chrome on Windows, prior to version 149.0.7827.53. The vulnerability allows a remote attacker to trigger arbitrary code execution by presenting a crafted HTML page. The underlying issue is a use-after-free flaw in the Views handl...
CVE-2026-11114
CVE-2026-11114 : A use-after-free in Chrome’s Device Trust feature on macOS allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Affected software: Google Chrome on Mac, prior to version 149.0.7827.53 . Root cause and i...
CVE-2026-11115
Affected software: Google Chrome on Windows. Vulnerability: Use-after-free in Updater leading to OS‑level privilege escalation via a malicious file. Root cause: use-after-free in the Updater component (details limited to description). Impact: local privilege escalation with high impact as describ...
CVE-2026-11116
This CVE (CVE-2026-11116) affects Chromoting in Google Chrome before version 149.0.7827.53. The underlying issue is a use-after-free defect in Chromoting, allowing a remote attacker to execute arbitrary code via malicious network traffic. The Microsoft/MSRC and EU/national advisories align on the...
CVE-2026-11113
CVE-2026-11113 affects Google Chrome (Chromium-based) ANGLE: insufficient validation of untrusted input may allow a remote attacker, who already compromised the renderer process, to escape the sandbox via a crafted HTML page. The issue is categorized as CRITICAL by multiple sources; attack vector...
CVE-2026-11112
CVE-2026-11112 affects Chromoting in Google Chrome on Linux, with insufficient validation of untrusted input prior to 149.0.7827.53. A remote attacker who has compromised the renderer process could potentially perform a sandbox escape via a crafted Chrome Extension. The vulnerability is associate...
CVE-2026-11111
CVE-2026-11111 is an out-of-bounds read in ANGLE affecting Google Chrome (Chromium-based) prior to 149.0.7827.53. The vulnerability enables a remote attacker to perform an out-of-bounds memory read via a crafted HTML page. Several connected sources confirm this as a Chromium/ANGLE issue and indic...
CVE-2026-11110
CVE-2026-11110 affects Google Chrome/Chromium's ANGLE component. An uninitialized use in ANGLE prior to 149.0.7827.53 allows a remote attacker to leak cross-origin data via a crafted HTML page. Impact is cross-origin data leakage with Chromium’s Medium severity. Mitigation: update Chrome/Chromium...
CVE-2026-11109
CVEs details and impact 1 : CVE-2026-11109 is an uninitialized-use vulnerability in ANGLE used by Google Chrome (Chromium-based). The issue is described as an uninitialized use in ANGLE that could allow a remote attacker to leak cross-origin data via a crafted HTML page. The affected product is G...
CVE-2026-11107
Affected software: Google Chrome (Chromium-based) prior to version 149.0.7827.53. Issue: In the Downloads component, an inappropriate implementation allows a remote attacker to spoof UI via a crafted HTML page. Impact: UI spoofing; no other data confidentially affected per provided documents. Roo...
CVE-2026-11108
The CVE-2026-11108 entry concerns Google Chrome on Android. It describes an inappropriate NFC implementation that could allow privilege escalation when a crafted HTML page is loaded, under versions affected prior to 149.0.7827.53. The underlying issue is limited to the NFC handling in Chrome’s An...
CVE-2026-11105
This CVE describesInsufficient validation of untrusted input in WebUI in Google Chrome prior to 149.0.7827.53. A remote attacker that already compromised the renderer process could leak cross-origin data through a crafted HTML page. Affected software is Google Chrome (WebUI component); impact is ...
CVE-2026-11106
Summary: CVE-2026-11106 describes an inappropriate implementation in Media in Google Chrome (Chromium-based) prior to 149.0.7827.53 that allowed a remote attacker to leak cross-origin data via a crafted HTML page. The vulnerability affects the Chrome/Chromium media pipeline and is rated Medium se...
CVE-2026-11104
CVE-2026-11104 affects Google Chrome (and Chromium-based Edge) via an uninitialized use in ANGLE. The vulnerability permits a remote attacker who has already compromised the renderer process to potentially read sensitive data from process memory through a crafted HTML page. Affected version famil...
CVE-2026-11103
CVE-2026-11103 affects Google Chrome on Windows, where an inappropriate implementation in the Installer component allows a local attacker to escalate privileges via a malicious file. The vulnerability is tied to Chrome versions prior to 149.0.7827.53. The CVSS context indicates a local exploit wi...
CVE-2026-11102
CVE-2026-11102 affects Google Chrome’s Isolated Web Apps in Chromium-based builds, where an inappropriate implementation allowed a remote attacker to run arbitrary code inside a sandbox via a malicious file. The vulnerability is tied to Chrome/Chromium prior to version 149.0.7827.53. The impact i...
CVE-2026-11100
Summary (CVE-2026-11100): Use-after-free in the File Input component of Google Chrome on macOS, occurring before Chrome version 149.0.7827.53. The underlying issue is a use-after-free in File Input that can be triggered by a user-via UI gestures and a crafted HTML page, potentially enabling a san...
CVE-2026-11101
CVE-2026-11101 concerns an uninitialized use in Dawn within Google Chrome on Windows prior to 149.0.7827.53, enabling a remote attacker to leak cross-origin data via a crafted HTML page. Affected software is Chromium-based (Chrome/Edge), with the root cause described as an uninitialized use in th...
CVE-2025-8873
CVE-2025-8873 affects Arista EOS with IPsec enabled: a specially crafted packet can stop dataplane processing of all IPsec traffic, with control plane detecting and resetting the IPsec pipeline; after reset, IPsec traffic may not resume. Non-IPsec traffic is unaffected. Affected EOS releases incl...
CVE-2026-11097
CVE-2026-11097 affects Google Chrome on Android where the WebView implementation allows a remote attacker to leak cross-origin data through a crafted HTML page. The underlying issue is described as an inappropriate implementation in WebView, with impact identified as cross-origin data leakage. Th...
CVE-2026-11098
CVE-2026-11098 affects the GPU component in Google Chrome (Chromium-based) where there is insufficient validation of untrusted input prior to version 149.0.7827.53. The vulnerability could allow a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted...
CVE-2026-11095
Technical details about CVE-2026-11095 are not publicly available in the provided documents. Monitor for updates from CVE/NVD and EUVD sources for affected products, versions, and remediation.
CVE-2026-11096
CVE-2026-11096 details an out-of-bounds read in WebRTC for Google Chrome, prior to 149.0.7827.53. The issue could allow a remote attacker to obtain potentially sensitive information from a process’s memory via a crafted HTML page. Affected product/component: WebRTC in Chrome (Chromium-based). Roo...
CVE-2026-11094
CVE-2026-11094 affects Google Chrome on Windows, due to a use-after-free in Codecs that could allow a remote attacker, who has compromised the renderer process, to escape the sandbox via a crafted HTML page. The vulnerability is triggered in Chrome versions prior to 149.0.7827.53. Impact is high ...
CVE-2026-11092
Summary of CVE-2026-11092 : Google Chrome’s DevTools policy enforcement is insufficient before version 149.0.7827.53. An attacker could persuade a user to install a crafted (malicious) Chrome Extension to execute privilege escalation. Affected software: Chrome with DevTools; trigger requires user...
CVE-2026-11093
CVE-2026-11093 concerns Google Chrome: a flaw in the Printing implementation allows a remote attacker who has compromised the renderer process to leak cross-origin data via a crafted HTML page. Affected product: Google Chrome (Printing subsystem under the renderer process). Root cause: Inappropri...
CVE-2026-11091
CVE-2026-11091 affects Dawn in Google Chrome prior to version 149.0.7827.53. The root cause is an inappropriate implementation that enables out-of-bounds memory access via a crafted HTML page. Impact is described as potentially enabling a remote attacker to cause memory access violations; CVSS me...
CVE-2026-11090
CVE-2026-11090 describes an uninitialized use in ANGLE within Google Chrome prior to version 149.0.7827.53 , enabling a remote attacker to leak cross-origin data via a crafted HTML page. The issue affects ANGLE components used by Chrome; the underlying impact is described as potential exposure of...
CVE-2026-11088
The CVE-2026-11088 entry describes an integer overflow in ANGLE used by Google Chrome, allowing a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page. Public details specify Chrome versions prior to 149.0.7827.53 as affected, with the...
CVE-2026-11087
CVE-2026-11087 affects ANGLE in Google Chrome. The issue is described as an uninitialized use in ANGLE that, if a renderer process is compromised through a crafted HTML page, can leak cross-origin data. Affected Chrome builds are prior to 149.0.7827.53. Chromium lists the severity as Medium. The ...
CVE-2026-11089
CVE-2026-11089 : Google Chrome contains an uninitialized-use in the Media component that affects versions prior to 149.0.7827.53. A remote attacker who has compromised the renderer process could read sensitive data from process memory via a crafted HTML page. The published remediation is to updat...
CVE-2026-11085
CVE-2026-11085 affects Google Chrome on Android (GPU component) and is caused by an integer overflow prior to version 149.0.7827.53, enabling potential out-of-bounds memory access via a crafted HTML page. Impact is described as high (base score 8.8, high confidentiality/integrity/availability). A...
CVE-2026-11086
Summary: CVE-2026-11086 describes an insecure implementation in Chrome’s Dawn component that allowed a remote attacker who had already compromised the renderer process to run arbitrary code inside the Chromium sandbox via a crafted HTML page. Affected software: Google Chrome (Dawn) prior to versi...
CVE-2026-11084
CVE-2026-11084 affects Google Chrome’s Password Manager. The issue is described as an inappropriate implementation allowing a remote attacker to leak cross-origin data through a crafted HTML page. Affected version range is Chrome prior to 149.0.7827.53. The vulnerability is tied to a Chromium sec...
CVE-2026-11083
CVE-2026-11083 affects Google Chrome’s Password Manager. The vulnerability is described as an Inappropriate implementation in Password Manager that could allow a remote attacker to leak cross-origin data via a crafted HTML page. Affected software is Chrome before 149.0.7827.53. Impact: cross-orig...
CVE-2026-11080
CVE-2026-11080 affects WebView in Google Chrome on Android (before 149.0.7827.53). The vulnerability is a use-after-free in WebView that can lead to heap corruption via a crafted HTML page. The CVSS v3.1 base score is 8.8 (HIGH) with NETWORK attack vector, HIGH confidentiality/integrity/availabil...
CVE-2026-11081
CVE-2026-11081 describes an insecure implementation in Canvas within Google Chrome prior to 149.0.7827.53 that allowed a remote attacker to bypass the same-origin policy via a crafted HTML page. The issue affects Chrome’s Canvas handling and is rated with CVSS v3.1: High impact on integrity, no c...
CVE-2026-11082
CVE-2026-11082 is a race condition in the GPU handling of Google Chrome on Android, where a renderer-process compromise could enable a sandbox escape via a crafted HTML page. Affected software: Google Chrome for Android (pre-149.0.7827.53). Root cause: race in GPU/renderer interaction as describe...
CVE-2026-11078
CVE-2026-11078 affects Google Chrome’s file system handling. The vulnerability arises from an inappropriate/file-system implementation in Chrome prior to version 149.0.7827.53, which could let a remote attacker who has compromised the renderer process bypass the same-origin policy via a crafted H...