|
301
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Out of bounds read in Input in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromi…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-11160
|
2026-06-6 03:17 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
New
|
CWE-457
Use of Uninitialized Variable
|
CVE-2026-11159
|
2026-06-6 03:17 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303
|
8.6 |
HIGH
Local
|
-
|
-
|
Insufficient validation of untrusted input in Downloads in Google Chrome on Mac prior to 149.0.7827.53 allowed a local attacker to potentially perform a sandbox escape via a crafted AppleScript comma…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-11158
|
2026-06-6 03:17 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Script injection in Accessibility in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML (UXSS) via a cr…
New
|
CWE-94
Code Injection
|
CVE-2026-11157
|
2026-06-6 03:17 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
New
|
CWE-352
Origin Validation Error
|
CVE-2026-11156
|
2026-06-6 03:17 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
New
|
CWE-352
Origin Validation Error
|
CVE-2026-11155
|
2026-06-6 03:17 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307
|
7.5 |
HIGH
Network
|
-
|
-
|
Use after free in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr…
New
|
CWE-416
Use After Free
|
CVE-2026-11154
|
2026-06-6 03:17 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Side-channel information leakage in Forms in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
New
|
CWE-1300
Improper Protection of Physical Side Channels
|
CVE-2026-11153
|
2026-06-6 03:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Object lifecycle issue in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
New
|
CWE-416
Use After Free
|
CVE-2026-11152
|
2026-06-6 03:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310
|
7.5 |
HIGH
Network
|
-
|
-
|
Insufficient validation of untrusted input in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sand…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-11151
|
2026-06-6 03:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
