|
4051
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-10948
|
2026-06-10 03:52 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4052
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Heap buffer overflow in Video in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-10949
|
2026-06-10 03:52 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4053
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-10954
|
2026-06-10 03:49 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4054
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in MimeHandlerView in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi…
|
CWE-416
Use After Free
|
CVE-2026-10956
|
2026-06-10 03:48 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4055
|
6.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Media Session in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medi…
|
CWE-346
Origin Validation Error
|
CVE-2026-11181
|
2026-06-10 03:47 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4056
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Insufficient policy enforcement in Compositing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox vi…
|
CWE-20
Improper Input Validation
|
CVE-2026-11235
|
2026-06-10 03:44 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4057
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Insufficient policy enforcement in Web Bluetooth in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via…
|
CWE-602
Client-Side Enforcement of Server-Side Security
|
CVE-2026-11236
|
2026-06-10 03:42 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4058
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTM…
|
CWE-20
Improper Input Validation
|
CVE-2026-11237
|
2026-06-10 03:41 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4059
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Uninitialized Use in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
|
CWE-457
Use of Uninitialized Variable
|
CVE-2026-11268
|
2026-06-10 03:38 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4060
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in Reading List in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform p…
|
CWE-20
Improper Input Validation
|
CVE-2026-11272
|
2026-06-10 03:34 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
