Skip to main content
CVE-2026-11001 MEDIUM PATCH This Month

UI spoofing in Google Chrome's Payments subsystem (versions prior to 149.0.7827.53) allows a remote unauthenticated attacker to manipulate what the victim sees during a payment flow, achieving high-integrity impact by deceiving users into authorizing fraudulent transactions or submitting payment credentials to attacker-controlled surfaces. The attack requires the victim to visit a crafted HTML page and perform specific UI gestures, as confirmed by the CVSS UI:R designation. No public exploit code has been identified at time of analysis, and the EPSS score of 0.03% at the 11th percentile indicates minimal current exploitation activity despite the network-reachable attack vector.

Authentication Bypass Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-10999 MEDIUM PATCH This Month

Integer overflow in Chrome's ANGLE graphics layer on Windows enables process memory disclosure for attackers who have already compromised the renderer process. Affected versions are all Google Chrome releases prior to 149.0.7827.53 on Windows. An attacker who has first achieved renderer compromise can trigger the ANGLE integer overflow via a crafted HTML page to read potentially sensitive data from process memory - functioning as a second-stage information leak within a chained exploit. No public exploit identified at time of analysis, and EPSS at 0.03% (11th percentile) reflects low observed exploitation probability.

Information Disclosure Google Microsoft Integer Overflow Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-10994 MEDIUM PATCH This Month

Uninitialized memory read in Chrome's ANGLE graphics layer exposes process memory contents to remote attackers who can trick users into visiting a crafted HTML page. Affected are all Chrome releases prior to 149.0.7827.53 on desktop platforms, as confirmed by the Google Chrome Releases advisory. No public exploit identified at time of analysis, and the EPSS score of 0.03% (11th percentile) indicates low current exploitation probability; however, the CVSS confidentiality impact is rated High, meaning successful exploitation could yield sensitive in-process data such as credentials, tokens, or cryptographic material resident in memory.

Information Disclosure Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-10992 MEDIUM PATCH This Month

Memory disclosure in Google Chrome's Animation component (all versions prior to 149.0.7827.53) enables an unauthenticated remote attacker to read potentially sensitive data from the browser's process memory by directing a victim to a crafted HTML page. The flaw arises from insufficient data validation during animation processing - a class of bug that typically permits out-of-bounds or uninitialized memory reads rather than code execution. No public exploit code has been identified at time of analysis, and the EPSS score of 0.03% (11th percentile) confirms low current exploitation probability despite the CVSS confidentiality impact being rated High.

Information Disclosure Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-10985 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Skia graphics library prior to version 149.0.7827.53 enables unauthenticated remote attackers to read out-of-bounds memory and exfiltrate data from foreign origins via a crafted HTML page. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) confirms high confidentiality impact with no privileges required, though a victim must visit an attacker-controlled page to trigger the read. No public exploit code has been identified at time of analysis, and the EPSS score of 0.03% (11th percentile) suggests limited exploitation activity; however, same-origin policy bypass in a mainstream browser is a meaningful web security concern warranting prompt patching.

Information Disclosure Google Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-10979 MEDIUM PATCH This Month

Out-of-bounds read in ANGLE (Chrome's graphics abstraction layer) affects all Google Chrome versions prior to 149.0.7827.53, enabling remote information disclosure from process memory. An unauthenticated remote attacker can trigger the memory leak by inducing a victim to visit a crafted HTML page - no privileges are required on the attacker's side, though user interaction is necessary. No public exploit identified at time of analysis and EPSS sits at 0.03% (11th percentile), indicating low current exploitation probability despite Google's 'High' Chromium severity rating.

Information Disclosure Google Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-10977 MEDIUM PATCH This Month

Uninitialized memory use in Skia, Chrome's 2D graphics rendering engine, enables cross-origin data leakage in Google Chrome versions prior to 149.0.7827.53. Exploitation requires an attacker to have already compromised the renderer process and to deliver a crafted HTML page, making this a second-stage component in a multi-step attack chain rather than a standalone critical exploit. EPSS stands at 0.03% (11th percentile) and no active exploitation has been recorded in CISA KEV, aligning with its role as a chained, post-renderer-compromise primitive.

Information Disclosure Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-10950 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome on iOS (versions prior to 149.0.7827.53) stems from insufficient policy enforcement in the Autofill component, enabling a remote unauthenticated attacker to read sensitive cross-origin data by directing a victim to a crafted HTML page. The CVSS score of 6.5 (Medium) reflects high confidentiality impact with no integrity or availability loss; the attack requires user interaction but no attacker privileges. EPSS probability sits at 0.03% (11th percentile), SSVC reports no current exploitation, and the CVE is absent from CISA KEV, collectively indicating low real-world threat urgency despite the medium severity classification.

Apple Information Disclosure Google Chrome Red Hat
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-10944 MEDIUM PATCH This Month

Cross-origin data exfiltration via Autofill in Google Chrome on iOS (prior to 149.0.7827.53) allows a remote attacker to leak sensitive data across origin boundaries by directing a victim to a crafted HTML page. The flaw stems from insufficient policy enforcement in the Autofill subsystem - a protection mechanism failure (CWE-693) that bypasses same-origin boundary controls exclusive to the iOS platform build of Chrome. No public exploit code has been identified at time of analysis, and the EPSS score of 0.03% (11th percentile) indicates very low observed exploitation probability. A vendor-released patch is available.

Apple Information Disclosure Google Chrome Red Hat
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11225 MEDIUM PATCH This Month

Domain spoofing in Google Chrome's WebUI component (versions prior to 149.0.7827.53) allows unauthenticated remote attackers to display a misleading domain name in the browser UI by delivering a crafted domain to a victim. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) assigns High integrity impact, reflecting the ability to undermine a user's origin-trust decisions - the cornerstone of browser security. No public exploit code exists and EPSS sits at 0.03% (10th percentile), consistent with Google's own 'Low' Chromium severity rating; risk is realistic but non-urgent outside phishing-focused threat models.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11200 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's WebRTC subsystem (versions prior to 149.0.7827.53) allows a remote unauthenticated attacker to read data across origin boundaries when a victim visits a crafted HTML page. The vulnerability carries a CVSS 6.5 Medium score with high confidentiality impact, but mandatory user interaction prevents automated mass exploitation - consistent with SSVC Automatable: no and an EPSS of 0.03% (10th percentile). No public exploit code exists and this CVE is not listed in the CISA Known Exploited Vulnerabilities catalog at time of analysis.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11127 MEDIUM PATCH This Month

Domain spoofing via crafted WebAPK in Google Chrome on Android prior to 149.0.7827.53 enables remote unauthenticated attackers to deceive users about the web origin of installed Progressive Web Apps, with high integrity impact as confirmed by the CVSS I:H rating. The CVSS vector (AV:N/AC:L/PR:N/UI:R) confirms the attack is network-accessible and requires no privileges, though user interaction is a necessary precondition. No public exploits have been identified and EPSS sits at 0.03% (10th percentile), indicating minimal observed exploitation pressure; however, the trust-abuse potential for phishing campaigns makes timely patching advisable.

Information Disclosure Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11097 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's WebView component on Android (versions prior to 149.0.7827.53) enables remote attackers to exfiltrate sensitive cross-origin data by directing victims to a specially crafted HTML page. The flaw resides in an inappropriate implementation within WebView (CWE-474), effectively undermining same-origin policy protections that normally isolate web content across origins - an attacker can read data they should not have access to. No public exploit has been identified at time of analysis, and an EPSS score of 0.03% (10th percentile) signals very low current exploitation probability; the vulnerability is not listed in the CISA KEV catalog.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11096 MEDIUM PATCH This Month

Out-of-bounds read in the WebRTC component of Google Chrome prior to 149.0.7827.53 exposes potentially sensitive process memory contents to remote attackers. Exploitation requires no authentication (CVSS PR:N) but does require user interaction - a victim must visit a specially crafted HTML page (CVSS UI:R). The confidentiality impact is rated High (C:H) with no integrity or availability consequence, meaning a successful attack leaks memory contents rather than enabling code execution. No public exploit identified at time of analysis, and EPSS at 0.03% (10th percentile) reflects low observed exploitation probability.

Information Disclosure Google Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11073 MEDIUM PATCH This Month

Use-after-free in Google Chrome's WebGL component (prior to 149.0.7827.53) exposes process memory to remote attackers who can lure a user to a crafted HTML page. The vulnerability is limited to confidentiality - CVSS C:H/I:N/A:N - meaning an attacker can read potentially sensitive data from Chrome's process memory but cannot write or crash the process per the scored vector. No public exploit has been identified at time of analysis, and EPSS sits at 0.03% (10th percentile), indicating low observed exploitation pressure. Google has shipped a fix in the stable channel release 149.0.7827.53.

Denial Of Service Use After Free Memory Corruption Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11033 MEDIUM PATCH This Month

Uninitialized memory read in Chrome's WebML component on macOS exposes potentially sensitive process memory contents to remote attackers. Affected are all Chrome versions prior to 149.0.7827.53 on Mac; exploitation requires convincing a user to visit a specially crafted HTML page. No public exploit code or active exploitation (CISA KEV) has been identified, and the EPSS score of 0.03% (10th percentile) reflects low real-world exploitation likelihood at time of analysis.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-10993 MEDIUM PATCH This Month

Heap-based buffer overflow in the Skia graphics rendering library within Google Chrome versions prior to 149.0.7827.53 enables remote attackers to read sensitive data from renderer process memory. Exploitation requires no authentication (PR:N) but does require user interaction - a victim must visit a specially crafted HTML page - and yields high confidentiality impact (C:H) with no integrity or availability impact per the CVSS vector. No public exploit has been identified at time of analysis, and the EPSS score of 0.03% (10th percentile) indicates very low current exploitation probability; CISA KEV active exploitation status is not confirmed.

Heap Overflow Google Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-8653 MEDIUM This Month

SQL injection in MasterStudy LMS Pro Plus for WordPress exposes database contents to authenticated instructors through the unsanitized 'columns' parameter, affecting all versions up to and including 4.8.20. The vulnerability stems from insufficient input escaping and absent parameterized query preparation, enabling authenticated attackers with at minimum instructor-level access to append arbitrary SQL to existing queries and extract sensitive data. No public exploit code or CISA KEV listing has been identified at time of analysis, but the low attack complexity and high confidentiality impact make this a meaningful risk for multi-tenant LMS deployments where instructors are semi-trusted external parties.

SQLi WordPress
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11223 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's Network component (versions prior to 149.0.7827.53) enables a post-compromise attacker who already controls the renderer process to subvert cross-origin enforcement via a crafted HTML page. The CVSS integrity impact is rated High (I:H), but exploitation is gated behind a required renderer-process pre-compromise, substantially raising the real-world attack bar. No public exploit code exists and no CISA KEV listing is present; EPSS stands at 0.02% (6th percentile), consistent with Google's own Low severity rating for this issue.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11220 MEDIUM PATCH This Month

Site isolation bypass in Google Chrome's Navigation component allows a remote attacker who has already compromised the renderer process to break Chrome's cross-origin security boundary via a crafted HTML page. Affected versions are all Chrome releases prior to 149.0.7827.53. The CVSS vector (I:H) reflects high integrity impact against protected origins, but the real-world risk is substantially gated by the prerequisite of renderer process compromise - a condition Google itself rates as 'Low' severity in Chromium's internal classification. No public exploit code or CISA KEV listing has been identified at time of analysis.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11078 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's FileSystem API implementation affects all desktop versions prior to 149.0.7827.53, exploitable by a remote attacker who has already achieved renderer process compromise. Delivering a crafted HTML page to a victim who interacts with it triggers the flaw, resulting in high-integrity cross-origin impact with no confidentiality or availability consequence. No public exploit code exists and EPSS sits at 0.02% (6th percentile), but the integrity impact and its role as a renderer-escape pivot make it relevant to multi-stage exploitation chains.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11069 MEDIUM PATCH This Month

Same-origin policy bypass in the Cast component of Google Chrome (prior to 149.0.7827.53) enables a remote unauthenticated attacker to violate cross-origin integrity protections via a crafted HTML page, requiring only that the target user visit the attacker-controlled page. The CVSS vector confirms high integrity impact with no confidentiality or availability consequence, indicating the attack allows unauthorized cross-origin writes or data manipulation rather than information disclosure. No public exploit code has been identified at time of analysis, and the EPSS score of 0.02% (6th percentile) signals low observed exploitation interest despite the medium-severity Chromium classification.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11038 MEDIUM PATCH This Month

Subresource Integrity (SRI) policy enforcement failure in Google Chrome prior to 149.0.7827.53 enables remote attackers to bypass Content Security Policy protections via malicious network traffic. Affected users who visit attacker-influenced pages may have tampered scripts or resources loaded without the expected cryptographic hash validation that SRI is designed to enforce, undermining integrity guarantees that web applications depend on as a security boundary. No active exploitation is confirmed (not in CISA KEV), EPSS is very low at 0.02% (6th percentile), and a vendor patch is available at 149.0.7827.53.

Authentication Bypass Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11023 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's WebAppInstalls component allows a remote attacker who has already compromised the renderer process to circumvent cross-origin protections via a crafted HTML page, yielding high integrity impact with no confidentiality or availability loss. All Chrome versions prior to 149.0.7827.53 are affected. No public exploit code has been identified and EPSS places this at the 6th percentile (0.02%), indicating very low observed exploitation probability; this is not listed in CISA KEV.

Authentication Bypass Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11022 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome DevTools (versions prior to 149.0.7827.53) enables a remote attacker who has already compromised the renderer process to cross origin boundaries via a crafted HTML page. The flaw stems from insufficient input validation (CWE-20) within the DevTools component, yielding a High integrity impact while leaving confidentiality and availability unaffected. No public exploit code exists at time of analysis, and EPSS sits at 0.02% (6th percentile), indicating low observed exploitation pressure; this vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog.

Authentication Bypass Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11016 MEDIUM PATCH This Month

Same origin policy bypass in Google Chrome's Network component (prior to 149.0.7827.53) enables an attacker who has already compromised the renderer process to exfiltrate or manipulate cross-origin data via a crafted HTML page. The integrity impact is rated High (I:H) with no confidentiality or availability impact, meaning the primary risk is unauthorized cross-origin writes or request forgery rather than data theft. No public exploit code has been identified at time of analysis, and EPSS sits at 0.02% (6th percentile), indicating low observed exploitation probability despite the medium CVSS score.

Authentication Bypass Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-10980 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's DevTools component (all versions prior to 149.0.7827.53) allows a remote attacker who has already compromised the renderer process to bypass SOP protections via a crafted HTML page, resulting in a high-integrity impact with no confidentiality or availability loss. The attack requires user interaction (victim must visit a malicious page) and a prior renderer process compromise as a chained prerequisite, materially constraining real-world exploitability beyond the raw CVSS score implies. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog; EPSS probability stands at 0.02% (6th percentile), consistent with a low-probability exploitation scenario.

Authentication Bypass Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-10938 MEDIUM PATCH This Month

Site isolation bypass in Google Chrome prior to 149.0.7827.53 enables a remote attacker - who has already compromised the renderer process - to escape cross-origin protections via a crafted HTML page. The vulnerability stems from inappropriate handling of the Input component (CWE-20: Improper Input Validation) within Chromium's renderer, allowing crafted input to undermine the site isolation security boundary and produce high-integrity impact against cross-origin resources. No public exploit has been identified at time of analysis, and EPSS places exploitation probability at 0.02% (6th percentile), consistent with the renderer pre-compromise prerequisite that constrains standalone exploitation.

Authentication Bypass Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-10912 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's Extensions component prior to version 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to perform unauthorized cross-origin actions via a crafted HTML page. The vulnerability stems from insufficient input validation (CWE-20) in the Extensions subsystem and carries a CVSS integrity impact of High with no confidentiality or availability loss. No active exploitation has been confirmed - EPSS sits at 0.02% (6th percentile), SSVC exploitation status is 'none', and the CVE is not listed in CISA KEV - but a vendor-released patch is available.

Authentication Bypass Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11226 MEDIUM PATCH This Month

Same-origin policy bypass in the PreviewTab component of Google Chrome for Android (versions prior to 149.0.7827.53) enables a remote unauthenticated attacker to violate cross-origin isolation and corrupt content integrity. Exploitation requires social engineering - the victim must visit a crafted HTML page and be manipulated into performing specific UI gestures within the PreviewTab interface. The CVSS vector scores high integrity impact (I:H) with no confidentiality or availability impact, indicating an attacker can alter or inject content across origin boundaries but cannot directly exfiltrate data. No public exploit code or CISA KEV listing has been identified; EPSS sits at 0.02% (4th percentile), reflecting very low current exploitation probability.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11217 MEDIUM PATCH This Month

Site isolation bypass in Google Chrome's Fenced Frames component allows an attacker who has already compromised the renderer process to cross origin boundaries via a crafted HTML page. Affected versions are all Chrome releases prior to 149.0.7827.53 on desktop platforms. No public exploit code has been identified at time of analysis, and EPSS sits at a low 0.02% (4th percentile), consistent with Chromium's own 'Low' severity rating despite the 6.5 CVSS score - real-world risk is contingent on a separate, preceding renderer exploit.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11210 MEDIUM PATCH This Month

Safe Browsing bypass in Google Chrome prior to 149.0.7827.53 allows a remote attacker to circumvent discretionary access control protections by delivering a specially crafted RAR file to a victim who interacts with it. The CVSS vector (AV:N/AC:L/PR:N/UI:R) confirms no authentication or elevated privileges are required on the attacker side, but exploitation depends on user interaction - the victim must engage with the malicious RAR file. The integrity impact is rated High (I:H) with no confidentiality or availability impact, indicating the primary risk is bypassing file-based access controls enforced by the Safe Browsing subsystem. No public exploit identified at time of analysis, and EPSS at 0.02% (4th percentile) reflects very low observed exploitation probability.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11204 MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome for iOS (versions prior to 149.0.7827.53) exploits an inappropriate implementation within the Signin component, enabling a remote attacker to circumvent navigation controls by delivering a crafted HTML page to a victim. Per CVSS (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N), no authentication is required by the attacker, but user interaction is necessary - the victim must visit or load the malicious page. No public exploit has been identified at time of analysis, SSVC reports exploitation as none, and the EPSS score of 0.02% (4th percentile) indicates very low likelihood of opportunistic exploitation; nevertheless, the high integrity impact warrants prompt patching on all managed iOS Chrome deployments.

Apple Authentication Bypass Google Suse Chrome +1
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11197 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's Workers subsystem (versions prior to 149.0.7827.53) permits a remote attacker who has already compromised the renderer process to circumvent cross-origin restrictions via a crafted HTML page, resulting in high-severity integrity impact (CVSS I:H). The flaw, rooted in insufficient policy enforcement (CWE-284), functions as a second-stage chained exploit rather than an initial access vector, requiring renderer compromise as a prerequisite. No active exploitation has been identified (SSVC: exploitation none; EPSS 0.02%), and a vendor-released patch is available as of Chrome 149.0.7827.53.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11193 MEDIUM PATCH This Month

Insufficient policy enforcement in Google Chrome's Password Manager component (versions prior to 149.0.7827.53) allows a remote, unauthenticated attacker to bypass discretionary access control by delivering a crafted HTML page to a victim. Per the CVSS vector (C:N/I:N/A:H), the confirmed impact is high availability disruption - notably not credential exfiltration - suggesting the bypass degrades or denies Password Manager functionality rather than exposing stored credentials. No public exploit exists and EPSS sits at 0.02% (4th percentile), indicating no widespread exploitation pressure at time of analysis.

Authentication Bypass Google
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11189 MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome DevTools (all versions prior to 149.0.7827.53) enables circumvention of browser navigation controls through a crafted malicious Chrome Extension. Exploitation requires convincing a target user to install the malicious extension, placing this firmly in social-engineering territory rather than opportunistic mass exploitation. EPSS is extremely low at 0.02% (4th percentile), no public exploit code has been identified, and there is no CISA KEV listing, making this a moderate-priority integrity-only issue despite the CVSS 6.5 score.

Authentication Bypass Google
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11142 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's Paint component prior to version 149.0.7827.53 allows a remote, unauthenticated attacker to violate cross-origin integrity protections by inducing a user to visit a crafted HTML page. The flaw stems from insufficient policy enforcement in the Paint subsystem (CWE-639), enabling an attacker to write or manipulate content across origin boundaries, resulting in high integrity impact with no confidentiality or availability loss per the CVSS vector. No public exploit code has been identified at time of analysis, and the EPSS score of 0.02% (4th percentile) indicates very low current exploitation probability.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11135 MEDIUM PATCH This Month

Insufficient policy enforcement in Google Chrome's Autofill subsystem (versions prior to 149.0.7827.53) enables remote unauthenticated attackers to bypass discretionary access control, resulting in high-integrity impact when a victim visits a crafted HTML page. The CVSS vector (AV:N/AC:L/PR:N/UI:R/I:H) confirms the attack is network-delivered, low-complexity, and requires no privileges, though user interaction is a prerequisite. No public exploit code or active exploitation has been identified at time of analysis, and the EPSS score of 0.02% (4th percentile) reflects low observed exploitation pressure.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11133 MEDIUM PATCH This Month

Insufficient same-origin policy enforcement in Google Chrome's Paint rendering component (prior to 149.0.7827.53) allows unauthenticated remote attackers to bypass SOP boundaries via a crafted HTML page, resulting in high integrity impact against the victim's browser context. The attack requires user interaction (visiting a malicious page) but no authentication or elevated privileges. No public exploit code has been identified and no CISA KEV listing exists at time of analysis; EPSS is extremely low at 0.02% (4th percentile), indicating limited observed exploitation activity in the wild.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11132 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's Paint component (all versions prior to 149.0.7827.53) enables a remote unauthenticated attacker to violate cross-origin integrity protections by delivering a crafted HTML page to a victim. The CVSS vector (AV:N/AC:L/PR:N/UI:R/I:H) confirms network-based, low-complexity exploitation with no privilege requirement, though victim interaction - visiting the attacker's page - is mandatory. No public exploit has been identified at time of analysis, and an EPSS score of 0.02% (4th percentile) indicates minimal observed exploitation activity; this is not listed in CISA KEV.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11081 MEDIUM PATCH This Month

Same-Origin Policy bypass in Google Chrome's Canvas implementation affects all versions prior to 149.0.7827.53, allowing a remote unauthenticated attacker to violate cross-origin integrity guarantees through a crafted HTML page. The vulnerability carries a High integrity impact (I:H) with no confidentiality or availability consequence, meaning an attacker can write or manipulate cross-origin data rather than read it. No public exploit code has been identified at time of analysis, and EPSS at 0.02% (4th percentile) suggests minimal observed exploitation pressure currently.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11036 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome prior to 149.0.7827.53 enables remote unauthenticated attackers to violate cross-origin isolation boundaries through a crafted HTML page, producing high integrity impact with no confidentiality or availability loss. Rooted in an inappropriate DOM implementation (CWE-346: Origin Validation Error), the flaw allows a malicious page to cross origin boundaries and manipulate content or state belonging to a different origin. No public exploit code and no CISA KEV listing exist at time of analysis; the EPSS score of 0.02% (4th percentile) reinforces limited real-world exploitation pressure despite the medium CVSS 6.5 rating.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11025 MEDIUM PATCH This Month

Content Security Policy bypass in Google Chrome for Android prior to 149.0.7827.53 allows a remote attacker to circumvent CSP restrictions by delivering a crafted HTML page to a victim user. The flaw resides in Chrome's Navigation subsystem, where policy enforcement is insufficient, enabling injection or execution of content that CSP headers would otherwise block. No public exploit has been identified at time of analysis, and EPSS sits at the 4th percentile, but the zero-privilege-required, network-accessible attack surface warrants prompt patching on Android deployments.

Authentication Bypass Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11018 MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome prior to version 149.0.7827.53 enables a remote, unauthenticated attacker to circumvent browser navigation policies by delivering a crafted HTML page to a victim. The flaw resides in the 'Actor' component of the Chromium engine, where policy enforcement is insufficient, leading to a high-integrity-impact breach (CVSS I:H) without any compromise of confidentiality or availability. No public exploit code and no active exploitation have been identified at time of analysis; EPSS stands at 0.02% (4th percentile), reinforcing a currently low real-world exploitation probability.

Authentication Bypass Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11017 MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome's Link Preview feature allows a remote attacker who has already compromised the renderer process to circumvent intended browsing boundaries via a crafted HTML page. All Chrome versions prior to 149.0.7827.53 on desktop are affected. The real-world threat is as a second-stage exploitation primitive within a browser attack chain - an attacker leverages this CWE-284 flaw to escape navigation controls after gaining an initial foothold in the renderer, achieving high integrity impact with no confidentiality or availability loss. No public exploit code has been identified and EPSS stands at 0.02% (4th percentile), indicating low observed exploitation probability at time of analysis.

Authentication Bypass Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-10996 MEDIUM PATCH This Month

Same Origin Policy bypass in Google Chrome's Workers implementation (versions prior to 149.0.7827.53) allows an unauthenticated remote attacker to violate cross-origin integrity boundaries by luring a victim to a crafted HTML page. The CVSS vector confirms no privileges are required but user interaction is necessary, yielding a High integrity impact with no confidentiality or availability consequence. No public exploit has been identified and EPSS stands at 0.02% (4th percentile), indicating no confirmed active exploitation at time of analysis.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-10937 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's Passwords component prior to version 149.0.7827.53 allows remote attackers to access cross-origin resources via a crafted HTML page that a victim must visit. Rated High severity by Chromium with a CVSS of 8.1, the flaw enables exposure or modification of sensitive data across origin boundaries when a user is lured to attacker-controlled content. EPSS probability is very low (0.02%, 4th percentile) and no public exploit identified at time of analysis, but a vendor patch is available.

Authentication Bypass Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11190 MEDIUM PATCH This Month

Discretionary access control bypass in Google Chrome's Extensions subsystem affects all versions prior to 149.0.7827.53, enabling integrity compromise without exposing confidential data. Exploitation requires convincing a target user to install a crafted malicious Chrome Extension, placing social engineering at the center of any attack path. No public exploit code exists and no active exploitation has been confirmed; EPSS sits at 0.01% (1st percentile), indicating very low observed exploitation probability at time of analysis.

Authentication Bypass Google
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11183 MEDIUM PATCH This Month

Out-of-bounds read in Chrome's GWP-ASan memory safety subsystem (versions prior to 149.0.7827.53) enables a local attacker to disclose potentially sensitive contents from process memory by delivering a malicious file to the target. The vulnerability carries a CVSS 6.5 Medium score with high confidentiality impact but no integrity or availability impact, consistent with a pure information-disclosure class. No public exploit code has been identified at time of analysis, EPSS exploitation probability is extremely low at 0.01% (1st percentile), and SSVC assessment confirms no known active exploitation, collectively indicating a low near-term threat priority despite the notable confidentiality impact rating.

Information Disclosure Google Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11148 MEDIUM PATCH This Month

Cross-origin data leakage via an inappropriate CSRF-class implementation in Google Chrome's Payments component on Android prior to 149.0.7827.53 allows network-delivered exploitation when a victim visits a crafted HTML page. The confidentiality impact is rated High by CVSS (C:H), as sensitive payment-related data from one origin can be exposed to an attacker-controlled page. No public exploit has been identified at time of analysis and the EPSS score of 0.01% (1st percentile) indicates a low probability of in-the-wild exploitation, making this a medium-priority patch rather than an emergency response item.

CSRF Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
Prev Page 9 of 12 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy