|
891
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Heap buffer overflow in Video in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag…
Update
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-10949
|
2026-06-10 03:52 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
892
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Update
|
CWE-416
Use After Free
|
CVE-2026-10954
|
2026-06-10 03:49 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
893
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in MimeHandlerView in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi…
Update
|
CWE-416
Use After Free
|
CVE-2026-10956
|
2026-06-10 03:48 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
894
|
6.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Media Session in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medi…
Update
|
CWE-346
Origin Validation Error
|
CVE-2026-11181
|
2026-06-10 03:47 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
895
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Insufficient policy enforcement in Compositing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox vi…
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-11235
|
2026-06-10 03:44 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
896
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Insufficient policy enforcement in Web Bluetooth in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via…
Update
|
CWE-602
Client-Side Enforcement of Server-Side Security
|
CVE-2026-11236
|
2026-06-10 03:42 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
897
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTM…
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-11237
|
2026-06-10 03:41 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
898
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Uninitialized Use in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
Update
|
CWE-457
Use of Uninitialized Variable
|
CVE-2026-11268
|
2026-06-10 03:38 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
899
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in Reading List in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform p…
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-11272
|
2026-06-10 03:34 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
900
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in DOM Distiller in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security se…
Update
|
CWE-284
Improper Access Control
|
CVE-2026-11274
|
2026-06-10 03:32 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
