Search
153,300 CVEs · Medium severity
EOL hidden · Show all products
CVEs (153,300, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 276–300 of 153,300 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↓ | Description |
|---|---|---|---|---|---|
| CVE-2026-11148 | MEDIUM | Patched | 6.5 | 2026-06-04 | Inappropriate implementation in Payments in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to leak cross-origin data via a crafted HTML page. (Chr… |
| CVE-2026-11145 | MEDIUM | Patched | 5.3 | 2026-06-04 | Race in Geolocation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security sever… |
| CVE-2026-11143 | MEDIUM | Patched | 6.5 | 2026-06-04 | Out of bounds read in Extensions in Google Chrome on Linux prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to obtain potent… |
| CVE-2026-11142 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium s… |
| CVE-2026-11141 | MEDIUM | Patched | 6.5 | 2026-06-04 | Uninitialized Use in Audio in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive inform… |
| CVE-2026-11140 | MEDIUM | Patched | 6.5 | 2026-06-04 | Out of bounds read in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive … |
| CVE-2026-11139 | MEDIUM | Patched | 6.5 | 2026-06-04 | Inappropriate implementation in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium securit… |
| CVE-2026-11138 | MEDIUM | Patched | 6.5 | 2026-06-04 | Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-11137 | MEDIUM | Patched | 6.5 | 2026-06-04 | Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted H… |
| CVE-2026-11135 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient policy enforcement in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page… |
| CVE-2026-11134 | MEDIUM | Patched | 6.5 | 2026-06-04 | Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium securit… |
| CVE-2026-11133 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium s… |
| CVE-2026-11132 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium s… |
| CVE-2026-11129 | MEDIUM | Patched | 6.5 | 2026-06-04 | Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium se… |
| CVE-2026-11128 | MEDIUM | Patched | 6.5 | 2026-06-04 | Inappropriate implementation in Web Share in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak c… |
| CVE-2026-11127 | MEDIUM | Patched | 6.5 | 2026-06-04 | Inappropriate implementation in WebAPKs in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted WebAPK. (Chrom… |
| CVE-2026-11126 | MEDIUM | Patched | 4.3 | 2026-06-04 | Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to leak cross-ori… |
| CVE-2026-11123 | MEDIUM | Patched | 6.5 | 2026-06-04 | Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted H… |
| CVE-2026-11122 | MEDIUM | Patched | 6.1 | 2026-06-04 | Inappropriate implementation in Keyboard in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML pag… |
| CVE-2026-11121 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient validation of untrusted input in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-… |
| CVE-2026-11110 | MEDIUM | Patched | 6.5 | 2026-06-04 | Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-11109 | MEDIUM | Patched | 6.5 | 2026-06-04 | Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-11107 | MEDIUM | Patched | 4.3 | 2026-06-04 | Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium securi… |
| CVE-2026-11106 | MEDIUM | Patched | 6.5 | 2026-06-04 | Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium securit… |
| CVE-2026-11105 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient validation of untrusted input in WebUI in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross… |