|
131
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted C…
New
|
CWE-284
Improper Access Control
|
CVE-2026-11212
|
2026-06-6 10:58 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
132
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in WebUI in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Low)
New
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-11225
|
2026-06-6 10:57 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
133
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient policy enforcement in PreviewTab in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin…
New
|
CWE-346
Origin Validation Error
|
CVE-2026-11226
|
2026-06-6 10:57 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
134
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Incorrect security UI in Tab Hover Cards in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Low)
New
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-11227
|
2026-06-6 10:57 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
135
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
New
|
CWE-416
Use After Free
|
CVE-2026-10939
|
2026-06-6 10:56 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
136
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafte…
New
|
CWE-416
Use After Free
|
CVE-2026-10958
|
2026-06-6 10:56 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
137
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Input in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H…
New
|
CWE-416
Use After Free
|
CVE-2026-10959
|
2026-06-6 10:56 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
138
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
New
|
CWE-416
Use After Free
|
CVE-2026-11003
|
2026-06-6 10:54 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
139
|
4.0 |
MEDIUM
Local
|
google
|
chrome
|
Out of bounds read in Media in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to perform an out of bounds memory read via malicious network traffic. (Chromium s…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-10998
|
2026-06-6 10:53 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
140
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control …
New
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2026-10997
|
2026-06-6 10:53 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
