VYPR

Chrome

by Google

Source repositories

CVEs (5,401)

  • CVE-2026-11060HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-11059HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-11055HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-11054HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-11050HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-11049HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-11046HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-11042HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Views in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-11041HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-11030HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: Medium)

  • CVE-2026-11028HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Media in Google Chrome on Linux and ChromeOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-11024HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Stack buffer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-11003HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-11000HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Fonts in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-10995HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Heap buffer overflow in TabStrip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-10991HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-10989HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Inappropriate implementation in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10988HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Views in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10987HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10986HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    Integer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a malicious file. (Chromium security severity: High)

Page 23 of 271