|
2551
|
8.8 |
HIGH
Network
|
-
|
-
|
Use after free in WebML in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: M…
|
CWE-416
Use After Free
|
CVE-2026-11147
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2552
|
7.5 |
HIGH
Network
|
-
|
-
|
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via…
|
CWE-20
Improper Input Validation
|
CVE-2026-11149
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2553
|
8.8 |
HIGH
Network
|
-
|
-
|
Use after free in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
|
CWE-416
Use After Free
|
CVE-2026-11164
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2554
|
8.8 |
HIGH
Network
|
-
|
-
|
Integer overflow in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-11171
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2555
|
8.8 |
HIGH
Network
|
-
|
-
|
Out of bounds write in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-11173
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2556
|
8.8 |
HIGH
Network
|
-
|
-
|
Use after free in TabStrip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)
|
CWE-416
Use After Free
|
CVE-2026-11262
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2557
|
5.1 |
MEDIUM
Local
|
-
|
-
|
Inappropriate implementation in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to bypass discretionary access control via malicious network traffic. (Ch…
|
CWE-269
Improper Privilege Management
|
CVE-2026-11276
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2558
|
- |
|
-
|
-
|
Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
|
CWE-20
Improper Input Validation
|
CVE-2026-11280
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2559
|
- |
|
-
|
-
|
Integer overflow in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to cause a denial of service via a malicious file. (Chromium security severity: Low)
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-11290
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2560
|
- |
|
-
|
-
|
A heap-based buffer overflow vulnerability in the dot11ah.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.13 allows an unauthenticated attacker within radio ra…
|
-
|
CVE-2026-7762
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
