| CVE-2026-11044 |
unknown |
— |
— |
|
|
|
14h ago |
Integer overflow in ANGLE in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium s… |
| CVE-2026-11043 |
unknown |
— |
— |
|
|
|
14h ago |
Out of bounds write in ANGLE in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT… |
| CVE-2026-11042 |
unknown |
— |
— |
|
|
|
14h ago |
Use after free in Views in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted H… |
| CVE-2026-11041 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sand… |
| CVE-2026-11040 |
unknown |
— |
— |
|
|
|
14h ago |
Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch… |
| CVE-2026-11039 |
unknown |
— |
— |
|
|
|
14h ago |
Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-11038 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient policy enforcement in Subresource Integrity in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via malicious network traffic. (Chromium s… |
| CVE-2026-11037 |
unknown |
— |
— |
|
|
|
14h ago |
Out of bounds write in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium) |
| CVE-2026-11036 |
unknown |
— |
— |
|
|
|
14h ago |
Inappropriate implementation in DOM in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-11035 |
unknown |
— |
— |
|
|
|
14h ago |
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a crafted XML file. (Chromium security seve… |
| CVE-2026-11034 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient validation of untrusted input in Tab Group Sync in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via malicious netw… |
| CVE-2026-11033 |
unknown |
— |
— |
|
|
|
14h ago |
Uninitialized Use in WebML in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium … |
| CVE-2026-11032 |
unknown |
— |
— |
|
|
|
14h ago |
Inappropriate implementation in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medi… |
| CVE-2026-11031 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient validation of untrusted input in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. (Chromium securi… |
| CVE-2026-11030 |
unknown |
— |
— |
|
|
|
14h ago |
Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: Medium) |
| CVE-2026-11029 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient validation of untrusted input in Drag and Drop in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perfor… |
| CVE-2026-11028 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Use after free in Media in Google Chrome on Linux and ChromeOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via… |
| CVE-2026-11027 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient validation of untrusted input in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted H… |
| CVE-2026-11026 |
unknown |
— |
— |
|
|
|
14h ago |
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a cr… |
| CVE-2026-11025 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient policy enforcement in Navigation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium securit… |
| CVE-2026-11024 |
unknown |
— |
— |
|
|
|
14h ago |
Stack buffer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-11023 |
unknown |
— |
— |
|
|
|
14h ago |
Inappropriate implementation in WebAppInstalls in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HT… |
| CVE-2026-11022 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a cr… |
| CVE-2026-11021 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient validation of untrusted input in GPU in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbo… |
| CVE-2026-11020 |
unknown |
— |
— |
|
|
|
14h ago |
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted XML file. (Chromium security severity: Medium) |
| CVE-2026-11019 |
unknown |
— |
— |
|
|
|
14h ago |
Inappropriate implementation in Payments in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform domain spoofing via a crafted… |
| CVE-2026-11018 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient policy enforcement in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medi… |
| CVE-2026-11017 |
unknown |
— |
— |
|
|
|
14h ago |
Inappropriate implementation in Link Preview in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted… |
| CVE-2026-11016 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a cra… |
| CVE-2026-11015 |
unknown |
— |
— |
|
|
|
14h ago |
Out of bounds read in WebGPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-11014 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted … |
| CVE-2026-11013 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive inform… |
| CVE-2026-11012 |
unknown |
— |
— |
|
|
|
14h ago |
Use after free in Serial in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT… |
| CVE-2026-11011 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted H… |
| CVE-2026-11010 |
unknown |
— |
— |
|
|
|
14h ago |
Use after free in WebShare in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted … |
| CVE-2026-11009 |
unknown |
— |
— |
|
|
|
14h ago |
Use after free in USB in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-11008 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a… |
| CVE-2026-11007 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient validation of untrusted input in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data v… |
| CVE-2026-11006 |
unknown |
— |
— |
|
|
|
14h ago |
Out of bounds read in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-11005 |
unknown |
— |
— |
|
|
|
14h ago |
Out of bounds read in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from proc… |
| CVE-2026-11004 |
unknown |
— |
— |
|
|
|
14h ago |
Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory … |
| CVE-2026-11003 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-11002 |
unknown |
— |
— |
|
|
|
14h ago |
Use after free in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. … |
| CVE-2026-11001 |
unknown |
— |
— |
|
|
|
14h ago |
Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted … |
| CVE-2026-11000 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Use after free in Fonts in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Med… |
| CVE-2026-10999 |
unknown |
— |
— |
|
|
|
14h ago |
Integer overflow in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from proces… |
| CVE-2026-10997 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control … |
| CVE-2026-10996 |
unknown |
— |
— |
|
|
|
14h ago |
Inappropriate implementation in Workers in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-10995 |
unknown |
— |
— |
|
|
|
14h ago |
Heap buffer overflow in TabStrip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a … |
| CVE-2026-10994 |
unknown |
— |
— |
|
|
|
14h ago |
Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium securit… |
| CVE-2026-10993 |
unknown |
— |
— |
|
|
|
14h ago |
Heap buffer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium secur… |
| CVE-2026-10992 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (C… |
| CVE-2026-10991 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Use after free in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted … |
| CVE-2026-10990 |
unknown |
— |
— |
|
|
|
14h ago |
Use after free in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr… |
| CVE-2026-10989 |
unknown |
— |
— |
|
|
|
14h ago |
Inappropriate implementation in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via … |
| CVE-2026-10988 |
unknown |
— |
— |
|
|
|
14h ago |
Use after free in Views in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch… |
| CVE-2026-10987 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10986 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Integer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a malicious file. (Chromium security severity: High) |
| CVE-2026-10985 |
unknown |
— |
— |
|
|
|
14h ago |
Out of bounds read in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10984 |
unknown |
— |
— |
|
|
|
14h ago |
Inappropriate implementation in Accessibility in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity:… |
| CVE-2026-10983 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient validation of untrusted input in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium securit… |
| CVE-2026-10982 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Use after free in WebXR in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10981 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted… |
| CVE-2026-10980 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a cr… |
| CVE-2026-10979 |
unknown |
— |
— |
|
|
|
14h ago |
Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium securi… |
| CVE-2026-10978 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Use after free in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: High) |
| CVE-2026-10977 |
unknown |
— |
— |
|
|
|
14h ago |
Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium secur… |
| CVE-2026-10976 |
unknown |
— |
— |
|
|
|
14h ago |
Uninitialized Use in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security… |
| CVE-2026-10975 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10974 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium securi… |
| CVE-2026-10973 |
unknown |
— |
— |
|
|
|
14h ago |
Uninitialized Use in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10972 |
unknown |
— |
— |
|
|
|
14h ago |
Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10971 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient validation of untrusted input in Printing in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a s… |
| CVE-2026-10970 |
high |
8.3 |
8.3 |
|
|
|
14h ago |
Insufficient validation of untrusted input in InterestGroups in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbo… |
| CVE-2026-10969 |
high |
7.5 |
7.5 |
|
|
|
14h ago |
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via… |
| CVE-2026-10968 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient validation of untrusted input in Dawn in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via … |
| CVE-2026-10967 |
high |
8.3 |
8.3 |
|
|
|
14h ago |
Use after free in SurfaceCapture in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a cr… |
| CVE-2026-10966 |
unknown |
— |
— |
|
|
|
14h ago |
Inappropriate implementation in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity:… |
| CVE-2026-10965 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Integer overflow in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10964 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10963 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10962 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Type Confusion in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10961 |
high |
8.3 |
8.3 |
|
|
|
14h ago |
Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafte… |
| CVE-2026-10960 |
high |
8.3 |
8.3 |
|
|
|
14h ago |
Uninitialized Use in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.… |
| CVE-2026-10959 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Use after free in Input in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H… |
| CVE-2026-10958 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafte… |
| CVE-2026-10957 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Use after free in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10956 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Use after free in MimeHandlerView in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi… |
| CVE-2026-10955 |
unknown |
— |
— |
|
|
|
14h ago |
Type Confusion in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security sev… |
| CVE-2026-10954 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Use after free in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10953 |
high |
8.3 |
8.3 |
|
|
|
14h ago |
Use after free in Core in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML… |
| CVE-2026-10952 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: … |
| CVE-2026-10951 |
unknown |
— |
— |
|
|
|
14h ago |
Use after free in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a… |
| CVE-2026-10950 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient policy enforcement in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Hi… |
| CVE-2026-10949 |
high |
8.3 |
8.3 |
|
|
|
14h ago |
Heap buffer overflow in Video in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag… |
| CVE-2026-10948 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10947 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10946 |
high |
7.5 |
7.5 |
|
|
|
14h ago |
Heap buffer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a… |
| CVE-2026-10945 |
high |
8.8 |
8.8 |
|
|
|
14h ago |
Use after free in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted… |
| CVE-2026-10944 |
unknown |
— |
— |
|
|
|
14h ago |
Insufficient policy enforcement in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Hi… |
