Skip to main content

Chrome

3936 CVEs product

Monthly

CVE-2026-12460 MEDIUM PATCH This Month

Insufficient policy enforcement in File System Access in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted PDF file. (Chromium security severity: High)

Google Chrome Information Disclosure Red Hat Suse
NVD VulDB
CVSS 3.1
4.2
EPSS
0.3%
CVE-2026-12459 MEDIUM PATCH This Month

Inappropriate implementation in Serial in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: High)

Google Chrome XSS Red Hat Suse
NVD VulDB
CVSS 3.1
6.1
EPSS
0.3%
CVE-2026-12458 LOW PATCH Monitor

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

Google Chrome Information Disclosure Microsoft Office
NVD VulDB
CVSS 3.1
3.1
EPSS
0.3%
CVE-2026-12457 MEDIUM PATCH This Month

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High)

Google Chrome Information Disclosure Red Hat Suse
NVD VulDB
CVSS 3.1
4.2
EPSS
0.2%
CVE-2026-12456 MEDIUM PATCH This Month

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. (Chromium security severity: High)

Google Chrome Authentication Bypass Information Disclosure Red Hat +1
NVD VulDB
CVSS 3.1
4.2
EPSS
0.2%
CVE-2026-12453 MEDIUM PATCH This Month

Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)

Google Chrome Authentication Bypass Information Disclosure Red Hat +1
NVD VulDB
CVSS 3.1
4.2
EPSS
0.3%
CVE-2026-12450 MEDIUM PATCH This Month

Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Google Chrome Information Disclosure Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.3%
CVE-2026-47252 Go CRITICAL PATCH GHSA Act Now

Code injection in the anyquery chrome_tabs plugin (and Brave/Edge/Safari variants) on macOS allows an authenticated SQL client to break out of an AppleScript URL property record and execute arbitrary `osascript` commands, including `do shell script` for OS-level command execution. The flaw affects anyquery 0.4.4 (commit 0abd460) and stems from unescaped string interpolation at plugins/chrome/tabs.go:141 and :169. Publicly available exploit code exists in the GHSA advisory (GHSA-hrj8-hjv8-mgwc), though no public exploit identified at time of analysis in mass-exploitation feeds and KEV does not list it.

Command Injection Code Injection Google RCE Apple +2
NVD GitHub
CVSS 3.1
9.0
EPSS
0.0%
CVE-2026-11309 MEDIUM PATCH This Month

UI spoofing via Chrome's History component (versions prior to 149.0.7827.53) lets an unauthenticated remote attacker deceive users through a crafted HTML page, exploiting insufficient policy enforcement in History navigation handling. The attacker can manipulate browser UI elements perceived by the victim, creating phishing-class deception without any confidentiality or availability impact - consistent with Chromium's own 'Low' severity rating. No public exploit code exists and EPSS sits at 0.03% (11th percentile), indicating very low probability of in-the-wild exploitation at time of analysis.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11308 MEDIUM PATCH This Month

Privilege escalation in Google Chrome's Extensions subsystem, affecting all versions prior to 149.0.7827.53, allows a remote attacker who socially engineers a user into installing a crafted malicious extension to gain elevated privileges within the browser context, impacting confidentiality, integrity, and availability at a low-to-moderate level. The CVSS score of 6.3 (Medium) reflects the network-reachable attack vector offset by mandatory user interaction (UI:R), and Chromium's own security team rated this as Low severity - a notable downgrade from the NVD-calculated score. No public exploit code and no KEV listing have been identified at time of analysis, and the EPSS score of 0.01% (1st percentile) corroborates minimal observed exploitation activity.

Google Privilege Escalation Chrome
NVD VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-11307 HIGH PATCH This Week

Remote code execution in Google Chrome's PDFium component prior to version 149.0.7827.53 allows a remote attacker to execute arbitrary code within the renderer sandbox by enticing a user to open a crafted PDF file. The flaw is a use-after-free memory corruption issue (CWE-416) carrying a CVSS 8.8 rating, though Chromium rated its security severity as Low and no public exploit has been identified at time of analysis. User interaction is required, and code execution is constrained to the Chrome sandbox absent a chained sandbox escape.

Google Memory Corruption RCE Use After Free Denial Of Service +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11306 HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.53 stems from a use-after-free flaw in the PDFium component, allowing a remote attacker to execute arbitrary code within the renderer sandbox by serving a crafted PDF file. While exploitation is constrained to the sandbox and requires user interaction (visiting a page or opening a PDF), the CVSS score of 8.8 reflects the high impact on confidentiality, integrity, and availability if combined with a sandbox escape. No public exploit identified at time of analysis, and CISA SSVC indicates exploitation status of 'none'.

Google Memory Corruption RCE Use After Free Denial Of Service +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11305 HIGH PATCH This Week

Remote code execution in Google Chrome's PDFium component prior to version 149.0.7827.53 allows a remote attacker to execute arbitrary code within the renderer sandbox via a crafted PDF file. The flaw is a use-after-free memory corruption issue (CWE-416) requiring user interaction to open or render the malicious PDF, and no public exploit identified at time of analysis. Chromium rates the security severity as Low despite the CVSS 8.8 score, reflecting the sandbox containment of the resulting code execution.

Google Memory Corruption RCE Use After Free Denial Of Service +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11304 HIGH PATCH This Week

Heap corruption in Google Chrome's PDFium component before version 149.0.7827.53 allows remote attackers to potentially execute arbitrary code by tricking a user into opening a crafted PDF file. The flaw is a use-after-free (CWE-416) carrying a CVSS 8.8 rating, though no public exploit identified at time of analysis and EPSS exploitation probability is negligible at 0.03% (11th percentile). Google rates the Chromium severity as Low despite the high CVSS, reflecting the requirement for user interaction and absence of observed exploitation.

Denial Of Service Use After Free Memory Corruption Google Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-11303 HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.53 stems from a use-after-free flaw in the PDFium component that parses PDF documents. A remote attacker who lures a user into opening a crafted PDF can execute arbitrary code, though execution is contained within Chrome's renderer sandbox. No public exploit is identified at time of analysis, and SSVC indicates no observed exploitation.

Google Memory Corruption RCE Use After Free Denial Of Service +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11302 MEDIUM PATCH This Month

Insufficient policy enforcement in Google Chrome for iOS (prior to 149.0.7827.53) allows remote unauthenticated attackers to bypass discretionary access controls via a crafted HTML page, resulting in limited integrity impact. User interaction is required, and exploitation probability is extremely low - EPSS sits at 0.02% (4th percentile). No public exploit identified at time of analysis, and Chromium's own security team rated this as 'Low' severity, consistent with the CVSS 4.3 score and SSVC's 'partial' technical impact assessment.

Apple Authentication Bypass Google Chrome Red Hat
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11301 HIGH PATCH This Week

Out-of-bounds memory access in Google Chrome's LiveCaption component prior to version 149.0.7827.53 allows a remote attacker to read beyond allocated buffers by delivering crafted network traffic to a user with the feature in use. EPSS is very low (0.03%, 11th percentile) and there is no public exploit identified at time of analysis, though Google's Chromium tracker rated severity Low while NVD's CVSS scored it 8.8 High - a notable disparity worth weighing when prioritizing.

Information Disclosure Google Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-11300 MEDIUM PATCH This Month

UI spoofing in Google Chrome's Permissions subsystem prior to version 149.0.7827.53 enables remote unauthenticated attackers to misrepresent the browser's permission interface by delivering a crafted HTML page to a victim. The flaw (CWE-451) results in low-integrity impact - the attacker can deceive a user into perceiving a false permissions state, potentially manipulating consent decisions. No public exploit code exists, EPSS is 0.03% (8th percentile), CISA SSVC rates exploitation as none, and Chromium's own severity assessment is Low, placing this firmly in the routine-patching tier rather than an urgent response priority.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11297 HIGH PATCH This Week

Navigation restriction bypass in Google Chrome on Android prior to 149.0.7827.53 allows a local attacker to circumvent Reader Mode input validation by supplying a malicious file. No public exploit identified at time of analysis, and EPSS scores exploitation probability at just 0.02% (4th percentile), but Google has released a fix in the stable channel. Chromium internally rates this as Low severity despite the elevated NVD CVSS of 7.7.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
7.7
EPSS
0.0%
CVE-2026-11295 HIGH PATCH This Week

Privilege escalation in Google Chrome's WebView component on Android prior to version 149.0.7827.53 allows a remote attacker to elevate privileges by serving a crafted HTML page to a victim. The flaw requires user interaction (visiting or rendering the malicious page) and carries a CVSS 8.8 due to the high confidentiality, integrity, and availability impact across the browser sandbox. No public exploit identified at time of analysis, and EPSS is very low at 0.04%, but Google has shipped a fix.

Google Privilege Escalation Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-11291 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's Android Autofill implementation allows remote unauthenticated attackers to perform limited cross-origin integrity violations by delivering a crafted HTML page to a victim user. Affected are all Chrome for Android versions prior to 149.0.7827.53. Impact is constrained to integrity (I:L) with no confidentiality or availability consequence, consistent with Chromium's own 'Low' severity rating. No public exploit code exists and no active exploitation has been confirmed; EPSS exploitation probability sits at 0.02% (4th percentile), making this a low operational priority despite being network-reachable.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11287 MEDIUM PATCH This Month

Navigation policy bypass in Google Chrome on Android (prior to 149.0.7827.53) enables a remote attacker who has already achieved renderer process compromise to circumvent navigation restrictions through a specially crafted HTML page. The vulnerability carries a CVSS integrity impact of High (I:H) with no confidentiality or availability impact, indicating the primary risk is unauthorized navigation to restricted targets - a technique commonly used to chain into further exploitation. No public exploit identified at time of analysis, and EPSS of 0.02% (6th percentile) reflects negligible current exploitation probability; however, its value as a chaining primitive in multi-stage browser attacks warrants attention.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11283 MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome's Shortcuts feature on macOS allows remote attackers to circumvent Chrome's internal URL filtering or navigation controls via a crafted malicious file. Affected versions are all Chrome releases on Mac prior to 149.0.7827.53. The CVSS vector (PR:N, UI:R, I:H) indicates no attacker authentication is required but user interaction with the malicious file is mandatory; EPSS at 0.02% (4th percentile) and no public exploit identified at time of analysis confirm low exploitation probability, consistent with Chromium's own 'Low' severity rating.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11281 MEDIUM PATCH This Month

Integer overflow in Chrome's Chromoting (Remote Desktop) component on Windows exposes process memory contents to local authenticated attackers via crafted ETW (Event Tracing for Windows) events. Affected versions are all Chrome releases on Windows prior to 149.0.7827.53. With CVSS confidentiality impact rated High and no public exploit identified at time of analysis, the practical risk is constrained by the local access and user interaction requirements, though sensitive data such as credentials or session tokens resident in process memory could be disclosed. EPSS score of 0.01% (1st percentile) confirms low observed exploitation probability.

Information Disclosure Google Microsoft Chrome
NVD VulDB
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-11276 MEDIUM PATCH This Month

Discretionary access control bypass in Google Chrome's Cast feature (prior to 149.0.7827.53) allows an attacker positioned on the local network segment to interfere with Cast functionality via crafted malicious network traffic. The vulnerability stems from improper privilege management (CWE-269) within the Cast implementation, resulting in limited confidentiality and integrity impact (CVSS 5.1). No public exploit code has been identified at time of analysis, and CISA KEV listing is absent; however, the no-authentication-required condition and the network-adjacent attack surface make this relevant for environments where Chrome's Cast feature is actively used on shared or untrusted network segments.

Google Privilege Escalation Red Hat Suse Chrome
NVD
CVSS 3.1
5.1
EPSS
0.0%
CVE-2026-11275 MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome for Android's Page Info component (prior to 149.0.7827.53) enables an attacker who has already compromised the renderer process to circumvent Chrome's navigation controls via a specially crafted HTML page. This is a chained exploitation scenario: the vulnerability cannot be triggered standalone but requires a prior renderer compromise as a prerequisite, limiting its practical threat surface. No public exploit has been identified at time of analysis, EPSS is negligible at 0.02%, and the vulnerability is not listed in CISA KEV. Google rates its internal severity as Low.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11273 MEDIUM PATCH This Month

Universal Cross-Site Scripting (UXSS) in the Omnibox component of Google Chrome prior to 149.0.7827.53 enables a remote unauthenticated attacker to inject arbitrary scripts or HTML across origin boundaries by exploiting insufficient input validation. Successful exploitation requires convincing a victim to visit a crafted HTML page and perform specific UI gestures, as confirmed by the UI:R CVSS component and the CVE description. No public exploit has been identified at time of analysis, and the EPSS score of 0.07% (22nd percentile) combined with Google's own 'Low' severity classification indicates limited near-term exploitation likelihood.

Google Code Injection Chrome
NVD VulDB
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-11271 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Passwords component (all versions prior to 149.0.7827.53) allows an unauthenticated remote attacker to read sensitive cross-origin information by serving a crafted HTML page and social-engineering the victim into performing specific UI gestures. The CVSS score of 6.5 reflects high confidentiality impact (C:H), though the attack is gated by mandatory user interaction, which materially limits real-world exploitability. No public exploit code has been identified at time of analysis, EPSS places exploitation probability at just 0.03% (11th percentile), and the Chromium security team rated this vulnerability Low severity - all signals consistent with a narrowly exploitable information disclosure rather than a broad critical threat.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11270 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome on Android (prior to 149.0.7827.53) enables remote unauthenticated attackers to exfiltrate data from other origins by directing a victim to a crafted HTML page that exploits an inappropriate UI implementation. The CVSS vector (AV:N/AC:L/PR:N/UI:R) reflects low-complexity network exploitation requiring only a single user interaction, with high confidentiality impact and no integrity or availability loss. No public exploit code and no active exploitation have been identified; an EPSS of 0.03% at the 11th percentile aligns with Chromium's own internal Low severity rating, placing this firmly in the patch-and-move-on category.

CSRF Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11269 HIGH PATCH This Week

Remote code execution within the Chrome renderer sandbox affects Google Chrome desktop builds prior to 149.0.7827.53, stemming from an inappropriate implementation in the Extensions subsystem. An attacker in a privileged network position can deliver a crafted Chrome Extension that, with user interaction, executes arbitrary code confined to the sandbox. No public exploit identified at time of analysis and EPSS probability is very low (0.01%), but a vendor patch is available.

Google RCE Chrome
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-11267 MEDIUM PATCH This Month

Content Security Policy bypass in Google Chrome prior to 149.0.7827.53 allows a remote attacker who convinces a victim to install a crafted malicious extension to circumvent CSP protections on web pages, enabling unauthorized content injection. The flaw stems from insufficient policy enforcement in Chrome's Extensions subsystem (CWE-602), rated Low severity by the Chromium security team with a CVSS base score of 4.3. No public exploit code exists and no active exploitation has been confirmed; EPSS is 0.01% (1st percentile), reflecting minimal real-world exploitation pressure at time of analysis.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11266 MEDIUM PATCH This Month

SafeBrowsing protection mechanism bypass in Google Chrome prior to version 149.0.7827.53 allows remote unauthenticated attackers to deliver malicious files that evade Chrome's built-in phishing and malware detection layer. The bypass is triggered through user interaction - such as visiting a crafted page or downloading a manipulated file - without requiring any special privileges or configuration. No public exploit has been identified and EPSS is 0.02% (4th percentile), indicating low current exploitation probability; however, successful exploitation silently removes a critical user-facing protection layer, enabling downstream malware delivery.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11265 HIGH PATCH This Week

Cross-origin data leakage in Google Chrome's Autofill component prior to version 149.0.7827.53 enables remote attackers to exfiltrate sensitive data from other origins by enticing a victim to visit a crafted HTML page. Despite a CVSS score of 7.5 reflecting high confidentiality impact, the EPSS score of 0.03% and Chromium's own 'Low' severity rating indicate limited real-world risk, and no public exploit identified at time of analysis.

CSRF Google Chrome
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-11264 MEDIUM PATCH This Month

Content Security Policy bypass in Google Chrome prior to version 149.0.7827.53 enables remote attackers to circumvent CSP protections via a crafted HTML page, with the victim's browser failing to enforce declared content restrictions. The vulnerability requires user interaction (UI:R) and produces limited integrity impact (I:L) only - no confidentiality or availability loss. EPSS at 0.02% (4th percentile) and no CISA KEV listing indicate negligible current exploitation activity; Chromium has internally rated this Low severity, aligning with the constrained impact scope.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11263 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome for Android prior to 149.0.7827.53 exposes sensitive information through insufficient policy enforcement in the WebAuthentication (WebAuthn) component. An attacker who has already achieved renderer process compromise can exploit this gap to extract cross-origin data by delivering a crafted HTML page to a victim, requiring user interaction. No public exploit has been identified at time of analysis, and EPSS places exploitation probability at a low 0.05% (16th percentile), consistent with Google's own 'Low' severity classification for Chromium.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11262 HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.53 stems from a use-after-free flaw in the TabStrip component, enabling a remote attacker who lures a victim to a crafted HTML page to corrupt memory and execute arbitrary code within the renderer context. Google rates the underlying Chromium severity as Low, but the CVSS base score of 8.8 reflects the potential impact when chained with a sandbox escape. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.

Google Memory Corruption RCE Use After Free Denial Of Service +3
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11261 MEDIUM PATCH This Month

UI spoofing in Google Chrome's PDF implementation prior to version 149.0.7827.53 can be triggered by a remote attacker who has already compromised the renderer process, using a crafted HTML page to mislead users through false interface elements. The vulnerability is rated Low severity by the Chromium security team, with a CVSS score of 4.3, and carries a negligible exploitation probability (EPSS 0.05%, 15th percentile). No public exploit code exists and the vulnerability is not listed in the CISA KEV catalog, making real-world exploitation highly unlikely outside of sophisticated, chained attack scenarios.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11260 MEDIUM PATCH This Month

Content Security Policy bypass in Google Chrome prior to 149.0.7827.53 stems from an inappropriate implementation in the browser's Permissions subsystem, enabling a remote attacker to circumvent CSP restrictions through a crafted HTML page. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) confirms the impact is limited to a partial integrity violation - no confidentiality or availability consequences are indicated. No public exploit identified at time of analysis; EPSS at 0.01% (2nd percentile) and Chromium's own 'Low' severity rating together indicate very low near-term exploitation likelihood.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11259 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's Cast component exposes users to limited cross-origin integrity violations via a crafted HTML page, affecting all desktop Chrome versions prior to 149.0.7827.53. An unauthenticated remote attacker can circumvent the browser's fundamental cross-origin boundary by exploiting insufficient input validation in the Cast subsystem, achieving a low-severity integrity impact against a visiting user. No public exploit has been identified at time of analysis, and the EPSS score of 0.02% (6th percentile) combined with Chromium's own 'Low' severity rating indicate minimal real-world exploitation risk.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11258 MEDIUM PATCH This Month

File System Access API in Google Chrome prior to 149.0.7827.53 allows a remote attacker to bypass discretionary access control (DAC) by convincing a user to perform specific UI gestures on a crafted HTML page. The CVSS vector (I:H, C:N, A:N) confirms the impact is limited to unauthorized file integrity compromise - an attacker could write or modify local files beyond what the user explicitly permitted. No public exploit code exists and EPSS is 0.02% (4th percentile), aligning with Chromium's own internal 'Low' severity rating, indicating limited real-world exploitation likelihood at time of analysis.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11257 MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome prior to 149.0.7827.53 allows a remote unauthenticated attacker to circumvent browser-enforced navigation controls by delivering a crafted HTML page to a victim. The flaw is classified by Google as an inappropriate implementation in the browser component, carrying a CVSS 4.3 (Medium) with limited integrity impact and no confidentiality or availability consequence. No public exploit has been identified at time of analysis, EPSS exploitation probability stands at 0.02% (4th percentile), and Google's internal Chromium severity rating is Low - consistent signals pointing to a low-urgency, routine-patch item outside of specialized deployment contexts.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11256 HIGH PATCH This Week

Sandbox escape in Google Chrome's GPU process prior to version 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page that triggers an integer overflow. The flaw, tagged as a buffer overflow with information disclosure potential, requires user interaction and a chained renderer compromise, and no public exploit has been identified at time of analysis despite Chromium rating the underlying severity as Low.

Information Disclosure Google Buffer Overflow Red Hat Suse +1
NVD
CVSS 3.1
8.3
EPSS
0.1%
CVE-2026-11255 HIGH PATCH This Week

Cross-origin data leakage in Google Chrome's Storage Access API affects desktop versions prior to 149.0.7827.53, enabling a remote attacker who has already compromised the renderer process to exfiltrate sensitive cross-origin information via a specially crafted HTML page. Google rates the underlying Chromium severity as Low, though NVD assigns CVSS 7.5 due to the unauthenticated network vector, and no public exploit identified at time of analysis.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-11254 MEDIUM PATCH This Month

UI spoofing in Google Chrome's Permissions implementation prior to version 149.0.7827.53 allows a remote, unauthenticated attacker to deceive users through manipulated browser permission dialogs via a crafted HTML page. Exploitation requires user interaction - a victim must visit a malicious page - and the real-world impact is limited to low-integrity outcomes such as misleading users into granting or denying permissions under false pretenses. No public exploit code exists and this vulnerability has not been added to the CISA KEV catalog at time of analysis.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11253 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Permissions subsystem (prior to 149.0.7827.53) enables remote unauthenticated attackers to read data across origin boundaries via a crafted HTML page. The flaw, classified as a race condition (CWE-362) in the Permissions implementation, undermines the browser's Same-Origin Policy enforcement - a foundational web isolation mechanism. No public exploit identified at time of analysis; a vendor-released patch is available in version 149.0.7827.53, and Google has rated this Low severity in Chromium security terms.

Information Disclosure Google Race Condition Red Hat Suse +1
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11252 MEDIUM PATCH This Month

Content Settings policy enforcement bypass in Google Chrome prior to 149.0.7827.53 enables remote attackers to circumvent discretionary access control by delivering a crafted HTML page to a victim who must interact with it. Rooted in CWE-284 (Improper Access Control), the flaw affects Chrome's Content Settings subsystem - which governs site-level permissions such as cookies, notifications, and script access - yielding a limited integrity impact with no confidentiality or availability consequences. No public exploit has been identified and the vulnerability is absent from CISA KEV; the vendor itself rates this as Low severity, consistent with the CVSS 4.3 base score.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11251 LOW PATCH Monitor

Insufficient policy enforcement in Google Chrome's Password Manager (versions prior to 149.0.7827.53) allows a remote attacker who has already compromised the renderer process to bypass discretionary access control via a crafted HTML page, resulting in limited confidentiality exposure. This is a chained vulnerability: exploitation is contingent on a prior renderer process compromise, which substantially elevates attack complexity and limits realistic blast radius. No public exploit code exists and this CVE is not listed in the CISA KEV catalog. Google has rated this Low severity and released a fix in Chrome 149.0.7827.53.

Authentication Bypass Google Chrome
NVD
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-11250 CRITICAL PATCH Act Now

Information disclosure in Google Chrome DevTools prior to version 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to read potentially sensitive data from process memory by serving a crafted HTML page. The flaw stems from a use-after-free condition (CWE-416) in DevTools, and while Google rates the underlying Chromium severity as Low, the NVD CVSS of 9.6 reflects the cross-origin scope change possible when chained with a prior renderer compromise. No public exploit identified at time of analysis.

Information Disclosure Use After Free Memory Corruption Google Red Hat +2
NVD
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11249 MEDIUM PATCH This Month

Use-after-free in the Network component of Google Chrome prior to version 149.0.7827.53 enables an attacker who has already compromised the renderer process to read potentially sensitive data from process memory by delivering a crafted HTML page. The Changed scope (S:C) in the CVSS vector confirms the vulnerability crosses security boundaries - specifically from the renderer sandbox into the Network process - making this a secondary exploitation step rather than an initial access vector. No public exploit code exists and the vulnerability is not listed in the CISA KEV catalog; Google has released a patched stable channel build.

Denial Of Service Use After Free Memory Corruption Google Red Hat +2
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-11248 HIGH PATCH This Week

Navigation restriction bypass in Google Chrome's Lens component prior to version 149.0.7827.53 allows a remote attacker to circumvent browser security boundaries via a crafted HTML page. The flaw requires user interaction (UI:R) to trigger, but no authentication, and Google classifies the Chromium security severity as Low despite the NVD CVSS of 8.8. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-11247 LOW PATCH Monitor

Cross-origin data leakage in Google Chrome's CustomTabs component on Android exposes sensitive information to remote attackers via a crafted HTML page. Affected versions are all Chrome for Android releases prior to 149.0.7827.53, where insufficient policy enforcement in the CustomTabs API fails to uphold cross-origin isolation guarantees. No public exploit identified at time of analysis and no confirmed active exploitation (CISA KEV not listed); the EPSS score of 0.03% (11th percentile) and a CVSS score of 3.1 (Low) together indicate low real-world exploitation likelihood.

Information Disclosure Google Chrome
NVD
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-11246 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's IndexedDB implementation affects all versions prior to 149.0.7827.53, enabling an attacker who has already compromised the renderer process to cross origin boundaries via a crafted HTML page. The integrity-only impact (C:N/I:H/A:N) means a successful exploitation could allow unauthorized writes or data manipulation across origins, but does not directly expose confidential data. No public exploit code has been identified at time of analysis, and Google's own Chromium security team rated this Low severity; a vendor-released patch is available at version 149.0.7827.53.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-11245 MEDIUM PATCH This Month

UI spoofing in Google Chrome's Payments component prior to version 149.0.7827.53 enables a remote unauthenticated attacker to mislead users about payment interface elements via a crafted HTML page. The vulnerability stems from inappropriate implementation logic (CWE-451) that allows visual misrepresentation of critical payment-related UI, potentially facilitating phishing or payment fraud against end users who interact with a malicious page. No public exploit code has been identified at time of analysis, and Chromium's internal severity rating is Low, consistent with its limited integrity-only, user-interaction-dependent impact.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11244 LOW PATCH Monitor

Same-origin policy bypass in Google Chrome's WebAuthentication component affects all Chrome versions prior to 149.0.7827.53, exploitable only by a remote attacker who has already compromised the renderer process. Insufficient input validation in the WebAuthn subsystem allows crafted HTML pages to circumvent same-origin restrictions, resulting in limited confidentiality disclosure (C:L). Chromium's own severity classification is Low, consistent with the CVSS 3.1 score of 3.1, and no public exploit or CISA KEV listing has been identified at time of analysis. The mandatory prerequisite of renderer process compromise significantly constrains the realistic attacker population to sophisticated, multi-stage threat actors.

Authentication Bypass Google Chrome
NVD
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-11243 MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome's Downloads subsystem prior to version 149.0.7827.53 enables a remote unauthenticated attacker to circumvent browser navigation controls by luring a user to a crafted HTML page. The flaw is rooted in an inappropriate implementation classified as CWE-346 (Origin Validation Error), meaning Chrome fails to properly validate the origin of requests or data within the Downloads flow. Rated Medium by CVSS (5.4) and Low by Chromium's own severity scale, no public exploit code or CISA KEV listing has been identified at time of analysis.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-11242 HIGH PATCH This Week

Cross-origin data disclosure in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to leak data across origin boundaries by serving a crafted HTML page through the Plugins component. No public exploit has been identified at time of analysis, and Chromium rates the underlying issue as Low severity despite the NVD CVSS of 7.5. The flaw stems from insufficient validation of untrusted input (CWE-20) within Chrome's plugin handling path.

Information Disclosure Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-11241 HIGH PATCH This Week

Privilege escalation in Google Chrome's Cast component (versions prior to 149.0.7827.53) allows an adjacent network attacker to elevate privileges by delivering a crafted HTML page that exploits insufficient input validation. Exploitation requires the victim to interact with the malicious content, and no public exploit has been identified at time of analysis despite a CVSS score of 8.0. Google has classified the Chromium security severity as Low, suggesting the practical impact is more constrained than the numeric score implies.

Google Privilege Escalation Red Hat Suse Chrome
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2026-11240 LOW PATCH Monitor

Site isolation bypass in Google Chrome's Loader component (versions prior to 149.0.7827.53) allows a remote attacker who has already compromised the renderer process to escape Chrome's cross-site data boundary via a crafted HTML page. The vulnerability stems from insufficient validation of untrusted input in the Loader, enabling a post-exploitation primitive that leaks limited confidentiality data across site boundaries. With a CVSS score of 3.1 (Low), EPSS at 0.02% (6th percentile), no CISA KEV listing, and Chromium's own classification as Low severity, this represents a low-urgency chained-exploit stepping stone rather than a standalone critical threat; no public exploit identified at time of analysis.

Authentication Bypass Google Chrome
NVD
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-11239 HIGH PATCH This Week

Privilege escalation in Google Chrome prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to escape sandbox-style restrictions via the Extensions subsystem using a crafted HTML page. The flaw requires user interaction and high attack complexity, and is rated Low severity by the Chromium team despite the 7.5 CVSS score; no public exploit identified at time of analysis.

Google Privilege Escalation Red Hat Suse Chrome
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-11238 MEDIUM PATCH This Month

Inappropriate implementation in Google Chrome's DevTools component prior to version 149.0.7827.53 allows a crafted Chrome Extension to access and read sensitive data from process memory. Exploitation requires social engineering a target user into installing a malicious extension, after which the extension can invoke under-guarded DevTools APIs to extract potentially sensitive in-memory content such as credentials, tokens, or session data. No public exploit has been identified at time of analysis, and the EPSS score of 0.01% indicates very low observed exploitation probability; however, the confidentiality impact is rated High by CVSS.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-11231 HIGH PATCH This Week

Remote code execution in Google Chrome on macOS prior to 149.0.7827.53 allows a remote attacker to run arbitrary code by tricking a user into interacting with a malicious file, due to an inappropriate implementation in the Safe Browsing component. No public exploit identified at time of analysis, and EPSS exploitation probability is very low (0.04%, 12th percentile), though the CVSS base score of 8.1 reflects high confidentiality and integrity impact. Chromium internally rated the security severity as Low, suggesting practical exploitability is constrained despite the high CVSS.

Code Injection Google RCE Chrome
NVD VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-11227 MEDIUM PATCH This Month

Tab Hover Cards in Google Chrome prior to 149.0.7827.53 render domain names incorrectly, enabling a remote unauthenticated attacker to spoof displayed domain identity via a crafted domain name, misleading users about the true destination of a browser tab. CVSS rates Integrity impact as High (I:H), reflecting the real deception potential in phishing scenarios, while Chromium itself labels this Low severity - a notable contrast worth flagging. No public exploit identified at time of analysis, and EPSS at 0.03% (11th percentile) reflects minimal current exploitation interest.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11226 MEDIUM PATCH This Month

Same-origin policy bypass in the PreviewTab component of Google Chrome for Android (versions prior to 149.0.7827.53) enables a remote unauthenticated attacker to violate cross-origin isolation and corrupt content integrity. Exploitation requires social engineering - the victim must visit a crafted HTML page and be manipulated into performing specific UI gestures within the PreviewTab interface. The CVSS vector scores high integrity impact (I:H) with no confidentiality or availability impact, indicating an attacker can alter or inject content across origin boundaries but cannot directly exfiltrate data. No public exploit code or CISA KEV listing has been identified; EPSS sits at 0.02% (4th percentile), reflecting very low current exploitation probability.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11225 MEDIUM PATCH This Month

Domain spoofing in Google Chrome's WebUI component (versions prior to 149.0.7827.53) allows unauthenticated remote attackers to display a misleading domain name in the browser UI by delivering a crafted domain to a victim. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) assigns High integrity impact, reflecting the ability to undermine a user's origin-trust decisions - the cornerstone of browser security. No public exploit code exists and EPSS sits at 0.03% (10th percentile), consistent with Google's own 'Low' Chromium severity rating; risk is realistic but non-urgent outside phishing-focused threat models.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11224 HIGH PATCH This Week

Remote code execution in Google Chrome on Linux versions prior to 149.0.7827.53 allows a remote attacker to exploit a use-after-free condition in the Chromoting component via malicious network traffic. The flaw carries a CVSS 3.1 score of 8.1 (high) with no public exploit identified at time of analysis and an EPSS probability of 0.04%, though Google rates the Chromium severity as Low. The vendor has shipped a fix in the stable channel update for desktop.

Google Memory Corruption RCE Use After Free Denial Of Service +3
NVD VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-11223 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's Network component (versions prior to 149.0.7827.53) enables a post-compromise attacker who already controls the renderer process to subvert cross-origin enforcement via a crafted HTML page. The CVSS integrity impact is rated High (I:H), but exploitation is gated behind a required renderer-process pre-compromise, substantially raising the real-world attack bar. No public exploit code exists and no CISA KEV listing is present; EPSS stands at 0.02% (6th percentile), consistent with Google's own Low severity rating for this issue.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11222 MEDIUM PATCH This Month

Domain spoofing via Tab Strip UI misrepresentation in Google Chrome prior to 149.0.7827.53 enables remote unauthenticated attackers to deceive users into believing they are visiting a legitimate domain by serving a crafted HTML page that corrupts the displayed origin in the tab strip. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) confirms network-accessible exploitation requiring no privileges but requiring user interaction, with integrity impact reflecting successful identity deception rather than data exfiltration or code execution. No public exploit code exists and EPSS at 0.03% (11th percentile) reflects negligible observed exploitation activity; this is not currently listed in the CISA KEV catalog.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11221 MEDIUM PATCH This Month

UI spoofing in Google Chrome's PointerLock API prior to version 149.0.7827.53 allows an attacker who has already compromised the renderer process to manipulate browser UI presentation via a crafted HTML page. The CVSS score of 4.3 (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) reflects limited integrity-only impact with no confidentiality or availability consequences, and Google itself rated this 'Low' severity. No public exploit has been identified and the EPSS score of 0.05% (15th percentile) confirms very low real-world exploitation probability at time of analysis.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11220 MEDIUM PATCH This Month

Site isolation bypass in Google Chrome's Navigation component allows a remote attacker who has already compromised the renderer process to break Chrome's cross-origin security boundary via a crafted HTML page. Affected versions are all Chrome releases prior to 149.0.7827.53. The CVSS vector (I:H) reflects high integrity impact against protected origins, but the real-world risk is substantially gated by the prerequisite of renderer process compromise - a condition Google itself rates as 'Low' severity in Chromium's internal classification. No public exploit code or CISA KEV listing has been identified at time of analysis.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11219 MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome prior to 149.0.7827.53 allows remote unauthenticated attackers to circumvent Chrome's built-in navigation controls by delivering a crafted HTML page to a victim. The flaw stems from an inappropriate implementation in Chrome's Navigation subsystem (CWE-693: Protection Mechanism Failure), yielding low integrity impact with no confidentiality or availability consequences. No public exploit has been identified at time of analysis and EPSS exploitation probability is 0.02% (4th percentile), consistent with Google Chromium's own Low severity classification for this issue.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11218 MEDIUM PATCH This Month

Remote code execution in Google Chrome on Windows prior to version 149.0.7827.53 allows a remote attacker to run arbitrary code when a victim is lured into performing specific UI gestures involving a malicious file delivered through the PlatformIntegration component. The flaw stems from improper input validation (CWE-20) and, while a vendor patch is available, no public exploit has been identified at time of analysis and EPSS scoring (0.04%) indicates very low near-term exploitation probability.

Google Microsoft RCE Red Hat Suse +1
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-11217 MEDIUM PATCH This Month

Site isolation bypass in Google Chrome's Fenced Frames component allows an attacker who has already compromised the renderer process to cross origin boundaries via a crafted HTML page. Affected versions are all Chrome releases prior to 149.0.7827.53 on desktop platforms. No public exploit code has been identified at time of analysis, and EPSS sits at a low 0.02% (4th percentile), consistent with Chromium's own 'Low' severity rating despite the 6.5 CVSS score - real-world risk is contingent on a separate, preceding renderer exploit.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11216 MEDIUM PATCH This Month

UI spoofing in Google Chrome's File Input component (versions prior to 149.0.7827.53) enables remote attackers to misrepresent security-critical interface elements to users through specially crafted HTML pages. The attacker must convince a target to perform specific UI gestures - such as drag-and-drop or deliberate click sequences - to trigger incorrect rendering of the browser's file selection security UI. No public exploit identified at time of analysis; EPSS at 0.03% (11th percentile) signals very low exploitation probability, consistent with no CISA KEV listing.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11215 MEDIUM PATCH This Month

Domain spoofing in Google Chrome's Cronet networking library on Android (versions prior to 149.0.7827.53) enables remote unauthenticated attackers to misrepresent domain names to victims browsing on Android devices. The CVSS vector (AV:N/AC:L/PR:N/UI:R/I:H) confirms high integrity impact with no privileges required, contingent on victim interaction with a crafted URL. EPSS at 0.03% (11th percentile) and no CISA KEV listing indicate no public exploitation at time of analysis, making this primarily a targeted phishing-enablement risk rather than an actively weaponized vector.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11214 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome for iOS prior to version 149.0.7827.53 enables a remote unauthenticated attacker to read sensitive data from cross-origin resources by tricking a user into visiting a crafted HTML page. The flaw stems from an inappropriate implementation in the iOS-specific Chrome code path (CWE-346: Origin Validation Error), undermining the browser's Same-Origin Policy enforcement on Apple's platform. No public exploit code exists and no active exploitation is confirmed; with an EPSS of 0.03% (11th percentile), real-world risk is currently assessed as low despite the high confidentiality impact in the CVSS scoring.

Apple Information Disclosure Google Suse Chrome +1
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11213 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page that abuses Reading Mode's insufficient input validation. The CVSS 9.6 rating reflects the scope-changing impact (S:C) when chained from a renderer compromise, though EPSS is very low (0.05%) and no public exploit identified at time of analysis. Chromium rates the underlying issue Medium severity, reflecting that prior renderer compromise is a prerequisite.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11212 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's DevTools component (prior to 149.0.7827.53) enables an attacker to bypass same-origin policy enforcement through a crafted malicious extension. Exploitation requires convincing a target user to install the attacker-controlled extension, after which cross-origin data can be exfiltrated via insufficient DevTools policy controls. No public exploit code has been identified at time of analysis, and the EPSS score of 0.01% (1st percentile) indicates very low observed exploitation probability; the vulnerability is not listed in the CISA KEV catalog.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11211 HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.53 stems from an integer overflow in the V8 JavaScript engine that allows a remote attacker to execute arbitrary code within the renderer sandbox via a crafted HTML page. The flaw requires user interaction (visiting a malicious page) and currently has no public exploit identified at time of analysis, with an EPSS score of 0.04% indicating very low near-term exploitation probability. Chromium rates the security severity as Medium despite the 8.8 CVSS score, and SSVC indicates no observed exploitation though technical impact is total.

Google RCE Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-11210 MEDIUM PATCH This Month

Safe Browsing bypass in Google Chrome prior to 149.0.7827.53 allows a remote attacker to circumvent discretionary access control protections by delivering a specially crafted RAR file to a victim who interacts with it. The CVSS vector (AV:N/AC:L/PR:N/UI:R) confirms no authentication or elevated privileges are required on the attacker side, but exploitation depends on user interaction - the victim must engage with the malicious RAR file. The integrity impact is rated High (I:H) with no confidentiality or availability impact, indicating the primary risk is bypassing file-based access controls enforced by the Safe Browsing subsystem. No public exploit identified at time of analysis, and EPSS at 0.02% (4th percentile) reflects very low observed exploitation probability.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11209 MEDIUM PATCH This Month

Sensitive information disclosure in Google Chrome's Passwords component (prior to 149.0.7827.53) allows a remote attacker who has already compromised the renderer process to read potentially sensitive data - including password material - from process memory by delivering a crafted HTML page. The attack carries a CVSS 6.5 (Medium) rating with high confidentiality impact and no integrity or availability consequence. No public exploit has been identified at time of analysis, and EPSS places exploitation probability at 0.03% (11th percentile), consistent with the non-trivial prerequisite of prior renderer compromise.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11208 MEDIUM PATCH This Month

Memory information disclosure in Google Chrome's Codecs component affects all desktop versions prior to 149.0.7827.53, enabling remote unauthenticated attackers to read potentially sensitive data from browser process memory when a user visits a specially crafted HTML page. The root cause is a use-after-free (CWE-416) in the media codec subsystem, yielding high confidentiality impact with no integrity or availability consequences per CVSS. EPSS is very low at 0.03% (11th percentile) and SSVC confirms no active exploitation, placing this firmly in the routine patch category despite its Medium severity score.

Denial Of Service Use After Free Memory Corruption Google Red Hat +2
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11207 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome versions prior to 149.0.7827.53 allows remote attackers to break out of the browser's renderer sandbox by sending malicious network traffic processed by the Autofill component. The flaw is rated CVSS 9.6 due to scope change and high impact across confidentiality, integrity, and availability, though Chromium itself assigns it Medium severity and EPSS exploitation probability is currently very low (0.05%). No public exploit identified at time of analysis, but a vendor-released patch is available.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11206 MEDIUM PATCH This Month

Cross-origin data leakage via ServiceWorker policy bypass in Google Chrome affects all desktop versions prior to 149.0.7827.53. Insufficient policy enforcement in Chrome's ServiceWorker API allows unauthenticated remote attackers to read sensitive cross-origin data from a victim's browser session by directing the victim to a crafted HTML page. EPSS exploitation probability is very low at 0.03% (11th percentile), no public exploit code has been identified, and no CISA KEV listing exists at time of analysis - making this a moderate confidentiality risk that warrants patching but is not an immediate emergency for most organizations.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11205 MEDIUM PATCH This Month

Universal Cross-Site Scripting (UXSS) in Google Chrome for iOS prior to 149.0.7827.53 allows a remote, unauthenticated attacker to inject arbitrary scripts or HTML across origin boundaries by delivering a crafted QR code and convincing the target to perform specific UI gestures within the browser. The CVSS Scope:Changed rating confirms this bypasses the same-origin policy, meaning injected scripts can access sessions and data from other open origins. No public exploit code has been identified at time of analysis, and the EPSS score of 0.07% (22nd percentile) indicates low observed exploitation probability, though the attack is fully network-accessible once social engineering is achieved. Note: the 'RCE' tag attached to this CVE is inconsistent with the description, which describes UXSS - not OS-level code execution - and should be treated as a tagging error.

Apple Google RCE Suse Chrome +1
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-11204 MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome for iOS (versions prior to 149.0.7827.53) exploits an inappropriate implementation within the Signin component, enabling a remote attacker to circumvent navigation controls by delivering a crafted HTML page to a victim. Per CVSS (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N), no authentication is required by the attacker, but user interaction is necessary - the victim must visit or load the malicious page. No public exploit has been identified at time of analysis, SSVC reports exploitation as none, and the EPSS score of 0.02% (4th percentile) indicates very low likelihood of opportunistic exploitation; nevertheless, the high integrity impact warrants prompt patching on all managed iOS Chrome deployments.

Apple Authentication Bypass Google Suse Chrome +1
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11203 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's GPU implementation on macOS allows remote unauthenticated attackers to exfiltrate sensitive cross-origin information by luring a user to a crafted HTML page. Affected are all Chrome releases on Mac prior to 149.0.7827.53. The vulnerability stems from an inappropriate GPU implementation (CWE-200) and carries no publicly available exploit at time of analysis; EPSS sits at 0.03% (11th percentile), indicating low current exploitation probability. No active exploitation has been confirmed by CISA KEV.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11202 HIGH PATCH This Week

Sandbox escape in Google Chrome for iOS prior to 149.0.7827.53 allows a remote attacker who lures a victim to a malicious page to potentially break out of Chrome's renderer sandbox via crafted HTML. The flaw is rated CVSS 8.8 (High) due to high confidentiality, integrity, and availability impact, though Chromium internally classifies severity as Medium and EPSS exploitation probability is currently very low (0.05%). No public exploit identified at time of analysis.

Apple Information Disclosure Google Suse Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-11201 HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.53 stems from a use-after-free condition in the ServiceWorker component that can be triggered by a malicious browser extension. An attacker who convinces a user to install a crafted Chrome Extension can achieve arbitrary code execution within the renderer context. No public exploit has been identified at time of analysis and EPSS exploitation probability is very low at 0.01%, but the high CVSS score (8.8) reflects the severe potential impact.

Google Memory Corruption RCE Use After Free Denial Of Service +3
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-11200 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's WebRTC subsystem (versions prior to 149.0.7827.53) allows a remote unauthenticated attacker to read data across origin boundaries when a victim visits a crafted HTML page. The vulnerability carries a CVSS 6.5 Medium score with high confidentiality impact, but mandatory user interaction prevents automated mass exploitation - consistent with SSVC Automatable: no and an EPSS of 0.03% (10th percentile). No public exploit code exists and this CVE is not listed in the CISA Known Exploited Vulnerabilities catalog at time of analysis.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11199 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's WebRTC implementation allows a network-positioned attacker to extract sensitive cross-origin information via crafted malicious network traffic. Affected versions are all Chrome releases prior to 149.0.7827.53; the fix is available in the stable channel update. No public exploit exists and no active exploitation has been identified - EPSS sits at 0.02% (4th percentile) and CISA SSVC assesses exploitation as none and automation as not feasible, placing real-world urgency well below the raw CVSS confidentiality impact suggests.

Information Disclosure Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
5.9
EPSS
0.0%
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

Insufficient policy enforcement in File System Access in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted PDF file. (Chromium security severity: High)

Google Chrome Information Disclosure +2
NVD VulDB
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Inappropriate implementation in Serial in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: High)

Google Chrome XSS +2
NVD VulDB
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

Google Chrome Information Disclosure +2
NVD VulDB
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High)

Google Chrome Information Disclosure +2
NVD VulDB
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. (Chromium security severity: High)

Google Chrome Authentication Bypass +3
NVD VulDB
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)

Google Chrome Authentication Bypass +3
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Google Chrome Information Disclosure +2
NVD VulDB
EPSS 0% CVSS 9.0
CRITICAL PATCH Act Now

Code injection in the anyquery chrome_tabs plugin (and Brave/Edge/Safari variants) on macOS allows an authenticated SQL client to break out of an AppleScript URL property record and execute arbitrary `osascript` commands, including `do shell script` for OS-level command execution. The flaw affects anyquery 0.4.4 (commit 0abd460) and stems from unescaped string interpolation at plugins/chrome/tabs.go:141 and :169. Publicly available exploit code exists in the GHSA advisory (GHSA-hrj8-hjv8-mgwc), though no public exploit identified at time of analysis in mass-exploitation feeds and KEV does not list it.

Command Injection Code Injection Google +4
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

UI spoofing via Chrome's History component (versions prior to 149.0.7827.53) lets an unauthenticated remote attacker deceive users through a crafted HTML page, exploiting insufficient policy enforcement in History navigation handling. The attacker can manipulate browser UI elements perceived by the victim, creating phishing-class deception without any confidentiality or availability impact - consistent with Chromium's own 'Low' severity rating. No public exploit code exists and EPSS sits at 0.03% (11th percentile), indicating very low probability of in-the-wild exploitation at time of analysis.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Privilege escalation in Google Chrome's Extensions subsystem, affecting all versions prior to 149.0.7827.53, allows a remote attacker who socially engineers a user into installing a crafted malicious extension to gain elevated privileges within the browser context, impacting confidentiality, integrity, and availability at a low-to-moderate level. The CVSS score of 6.3 (Medium) reflects the network-reachable attack vector offset by mandatory user interaction (UI:R), and Chromium's own security team rated this as Low severity - a notable downgrade from the NVD-calculated score. No public exploit code and no KEV listing have been identified at time of analysis, and the EPSS score of 0.01% (1st percentile) corroborates minimal observed exploitation activity.

Google Privilege Escalation Chrome
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome's PDFium component prior to version 149.0.7827.53 allows a remote attacker to execute arbitrary code within the renderer sandbox by enticing a user to open a crafted PDF file. The flaw is a use-after-free memory corruption issue (CWE-416) carrying a CVSS 8.8 rating, though Chromium rated its security severity as Low and no public exploit has been identified at time of analysis. User interaction is required, and code execution is constrained to the Chrome sandbox absent a chained sandbox escape.

Google Memory Corruption RCE +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.53 stems from a use-after-free flaw in the PDFium component, allowing a remote attacker to execute arbitrary code within the renderer sandbox by serving a crafted PDF file. While exploitation is constrained to the sandbox and requires user interaction (visiting a page or opening a PDF), the CVSS score of 8.8 reflects the high impact on confidentiality, integrity, and availability if combined with a sandbox escape. No public exploit identified at time of analysis, and CISA SSVC indicates exploitation status of 'none'.

Google Memory Corruption RCE +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome's PDFium component prior to version 149.0.7827.53 allows a remote attacker to execute arbitrary code within the renderer sandbox via a crafted PDF file. The flaw is a use-after-free memory corruption issue (CWE-416) requiring user interaction to open or render the malicious PDF, and no public exploit identified at time of analysis. Chromium rates the security severity as Low despite the CVSS 8.8 score, reflecting the sandbox containment of the resulting code execution.

Google Memory Corruption RCE +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap corruption in Google Chrome's PDFium component before version 149.0.7827.53 allows remote attackers to potentially execute arbitrary code by tricking a user into opening a crafted PDF file. The flaw is a use-after-free (CWE-416) carrying a CVSS 8.8 rating, though no public exploit identified at time of analysis and EPSS exploitation probability is negligible at 0.03% (11th percentile). Google rates the Chromium severity as Low despite the high CVSS, reflecting the requirement for user interaction and absence of observed exploitation.

Denial Of Service Use After Free Memory Corruption +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.53 stems from a use-after-free flaw in the PDFium component that parses PDF documents. A remote attacker who lures a user into opening a crafted PDF can execute arbitrary code, though execution is contained within Chrome's renderer sandbox. No public exploit is identified at time of analysis, and SSVC indicates no observed exploitation.

Google Memory Corruption RCE +3
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Insufficient policy enforcement in Google Chrome for iOS (prior to 149.0.7827.53) allows remote unauthenticated attackers to bypass discretionary access controls via a crafted HTML page, resulting in limited integrity impact. User interaction is required, and exploitation probability is extremely low - EPSS sits at 0.02% (4th percentile). No public exploit identified at time of analysis, and Chromium's own security team rated this as 'Low' severity, consistent with the CVSS 4.3 score and SSVC's 'partial' technical impact assessment.

Apple Authentication Bypass Google +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Out-of-bounds memory access in Google Chrome's LiveCaption component prior to version 149.0.7827.53 allows a remote attacker to read beyond allocated buffers by delivering crafted network traffic to a user with the feature in use. EPSS is very low (0.03%, 11th percentile) and there is no public exploit identified at time of analysis, though Google's Chromium tracker rated severity Low while NVD's CVSS scored it 8.8 High - a notable disparity worth weighing when prioritizing.

Information Disclosure Google Buffer Overflow +1
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

UI spoofing in Google Chrome's Permissions subsystem prior to version 149.0.7827.53 enables remote unauthenticated attackers to misrepresent the browser's permission interface by delivering a crafted HTML page to a victim. The flaw (CWE-451) results in low-integrity impact - the attacker can deceive a user into perceiving a false permissions state, potentially manipulating consent decisions. No public exploit code exists, EPSS is 0.03% (8th percentile), CISA SSVC rates exploitation as none, and Chromium's own severity assessment is Low, placing this firmly in the routine-patching tier rather than an urgent response priority.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 7.7
HIGH PATCH This Week

Navigation restriction bypass in Google Chrome on Android prior to 149.0.7827.53 allows a local attacker to circumvent Reader Mode input validation by supplying a malicious file. No public exploit identified at time of analysis, and EPSS scores exploitation probability at just 0.02% (4th percentile), but Google has released a fix in the stable channel. Chromium internally rates this as Low severity despite the elevated NVD CVSS of 7.7.

Authentication Bypass Google Chrome
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Privilege escalation in Google Chrome's WebView component on Android prior to version 149.0.7827.53 allows a remote attacker to elevate privileges by serving a crafted HTML page to a victim. The flaw requires user interaction (visiting or rendering the malicious page) and carries a CVSS 8.8 due to the high confidentiality, integrity, and availability impact across the browser sandbox. No public exploit identified at time of analysis, and EPSS is very low at 0.04%, but Google has shipped a fix.

Google Privilege Escalation Chrome
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's Android Autofill implementation allows remote unauthenticated attackers to perform limited cross-origin integrity violations by delivering a crafted HTML page to a victim user. Affected are all Chrome for Android versions prior to 149.0.7827.53. Impact is constrained to integrity (I:L) with no confidentiality or availability consequence, consistent with Chromium's own 'Low' severity rating. No public exploit code exists and no active exploitation has been confirmed; EPSS exploitation probability sits at 0.02% (4th percentile), making this a low operational priority despite being network-reachable.

Authentication Bypass Google Chrome
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Navigation policy bypass in Google Chrome on Android (prior to 149.0.7827.53) enables a remote attacker who has already achieved renderer process compromise to circumvent navigation restrictions through a specially crafted HTML page. The vulnerability carries a CVSS integrity impact of High (I:H) with no confidentiality or availability impact, indicating the primary risk is unauthorized navigation to restricted targets - a technique commonly used to chain into further exploitation. No public exploit identified at time of analysis, and EPSS of 0.02% (6th percentile) reflects negligible current exploitation probability; however, its value as a chaining primitive in multi-stage browser attacks warrants attention.

Authentication Bypass Google Chrome
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome's Shortcuts feature on macOS allows remote attackers to circumvent Chrome's internal URL filtering or navigation controls via a crafted malicious file. Affected versions are all Chrome releases on Mac prior to 149.0.7827.53. The CVSS vector (PR:N, UI:R, I:H) indicates no attacker authentication is required but user interaction with the malicious file is mandatory; EPSS at 0.02% (4th percentile) and no public exploit identified at time of analysis confirm low exploitation probability, consistent with Chromium's own 'Low' severity rating.

Authentication Bypass Google Chrome
NVD VulDB
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

Integer overflow in Chrome's Chromoting (Remote Desktop) component on Windows exposes process memory contents to local authenticated attackers via crafted ETW (Event Tracing for Windows) events. Affected versions are all Chrome releases on Windows prior to 149.0.7827.53. With CVSS confidentiality impact rated High and no public exploit identified at time of analysis, the practical risk is constrained by the local access and user interaction requirements, though sensitive data such as credentials or session tokens resident in process memory could be disclosed. EPSS score of 0.01% (1st percentile) confirms low observed exploitation probability.

Information Disclosure Google Microsoft +1
NVD VulDB
EPSS 0% CVSS 5.1
MEDIUM PATCH This Month

Discretionary access control bypass in Google Chrome's Cast feature (prior to 149.0.7827.53) allows an attacker positioned on the local network segment to interfere with Cast functionality via crafted malicious network traffic. The vulnerability stems from improper privilege management (CWE-269) within the Cast implementation, resulting in limited confidentiality and integrity impact (CVSS 5.1). No public exploit code has been identified at time of analysis, and CISA KEV listing is absent; however, the no-authentication-required condition and the network-adjacent attack surface make this relevant for environments where Chrome's Cast feature is actively used on shared or untrusted network segments.

Google Privilege Escalation Red Hat +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome for Android's Page Info component (prior to 149.0.7827.53) enables an attacker who has already compromised the renderer process to circumvent Chrome's navigation controls via a specially crafted HTML page. This is a chained exploitation scenario: the vulnerability cannot be triggered standalone but requires a prior renderer compromise as a prerequisite, limiting its practical threat surface. No public exploit has been identified at time of analysis, EPSS is negligible at 0.02%, and the vulnerability is not listed in CISA KEV. Google rates its internal severity as Low.

Authentication Bypass Google Chrome
NVD VulDB
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Universal Cross-Site Scripting (UXSS) in the Omnibox component of Google Chrome prior to 149.0.7827.53 enables a remote unauthenticated attacker to inject arbitrary scripts or HTML across origin boundaries by exploiting insufficient input validation. Successful exploitation requires convincing a victim to visit a crafted HTML page and perform specific UI gestures, as confirmed by the UI:R CVSS component and the CVE description. No public exploit has been identified at time of analysis, and the EPSS score of 0.07% (22nd percentile) combined with Google's own 'Low' severity classification indicates limited near-term exploitation likelihood.

Google Code Injection Chrome
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Passwords component (all versions prior to 149.0.7827.53) allows an unauthenticated remote attacker to read sensitive cross-origin information by serving a crafted HTML page and social-engineering the victim into performing specific UI gestures. The CVSS score of 6.5 reflects high confidentiality impact (C:H), though the attack is gated by mandatory user interaction, which materially limits real-world exploitability. No public exploit code has been identified at time of analysis, EPSS places exploitation probability at just 0.03% (11th percentile), and the Chromium security team rated this vulnerability Low severity - all signals consistent with a narrowly exploitable information disclosure rather than a broad critical threat.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome on Android (prior to 149.0.7827.53) enables remote unauthenticated attackers to exfiltrate data from other origins by directing a victim to a crafted HTML page that exploits an inappropriate UI implementation. The CVSS vector (AV:N/AC:L/PR:N/UI:R) reflects low-complexity network exploitation requiring only a single user interaction, with high confidentiality impact and no integrity or availability loss. No public exploit code and no active exploitation have been identified; an EPSS of 0.03% at the 11th percentile aligns with Chromium's own internal Low severity rating, placing this firmly in the patch-and-move-on category.

CSRF Google Chrome
NVD VulDB
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Remote code execution within the Chrome renderer sandbox affects Google Chrome desktop builds prior to 149.0.7827.53, stemming from an inappropriate implementation in the Extensions subsystem. An attacker in a privileged network position can deliver a crafted Chrome Extension that, with user interaction, executes arbitrary code confined to the sandbox. No public exploit identified at time of analysis and EPSS probability is very low (0.01%), but a vendor patch is available.

Google RCE Chrome
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Content Security Policy bypass in Google Chrome prior to 149.0.7827.53 allows a remote attacker who convinces a victim to install a crafted malicious extension to circumvent CSP protections on web pages, enabling unauthorized content injection. The flaw stems from insufficient policy enforcement in Chrome's Extensions subsystem (CWE-602), rated Low severity by the Chromium security team with a CVSS base score of 4.3. No public exploit code exists and no active exploitation has been confirmed; EPSS is 0.01% (1st percentile), reflecting minimal real-world exploitation pressure at time of analysis.

Authentication Bypass Google Chrome
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

SafeBrowsing protection mechanism bypass in Google Chrome prior to version 149.0.7827.53 allows remote unauthenticated attackers to deliver malicious files that evade Chrome's built-in phishing and malware detection layer. The bypass is triggered through user interaction - such as visiting a crafted page or downloading a manipulated file - without requiring any special privileges or configuration. No public exploit has been identified and EPSS is 0.02% (4th percentile), indicating low current exploitation probability; however, successful exploitation silently removes a critical user-facing protection layer, enabling downstream malware delivery.

Authentication Bypass Google Chrome
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Cross-origin data leakage in Google Chrome's Autofill component prior to version 149.0.7827.53 enables remote attackers to exfiltrate sensitive data from other origins by enticing a victim to visit a crafted HTML page. Despite a CVSS score of 7.5 reflecting high confidentiality impact, the EPSS score of 0.03% and Chromium's own 'Low' severity rating indicate limited real-world risk, and no public exploit identified at time of analysis.

CSRF Google Chrome
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Content Security Policy bypass in Google Chrome prior to version 149.0.7827.53 enables remote attackers to circumvent CSP protections via a crafted HTML page, with the victim's browser failing to enforce declared content restrictions. The vulnerability requires user interaction (UI:R) and produces limited integrity impact (I:L) only - no confidentiality or availability loss. EPSS at 0.02% (4th percentile) and no CISA KEV listing indicate negligible current exploitation activity; Chromium has internally rated this Low severity, aligning with the constrained impact scope.

Authentication Bypass Google Chrome
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome for Android prior to 149.0.7827.53 exposes sensitive information through insufficient policy enforcement in the WebAuthentication (WebAuthn) component. An attacker who has already achieved renderer process compromise can exploit this gap to extract cross-origin data by delivering a crafted HTML page to a victim, requiring user interaction. No public exploit has been identified at time of analysis, and EPSS places exploitation probability at a low 0.05% (16th percentile), consistent with Google's own 'Low' severity classification for Chromium.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.53 stems from a use-after-free flaw in the TabStrip component, enabling a remote attacker who lures a victim to a crafted HTML page to corrupt memory and execute arbitrary code within the renderer context. Google rates the underlying Chromium severity as Low, but the CVSS base score of 8.8 reflects the potential impact when chained with a sandbox escape. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.

Google Memory Corruption RCE +5
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

UI spoofing in Google Chrome's PDF implementation prior to version 149.0.7827.53 can be triggered by a remote attacker who has already compromised the renderer process, using a crafted HTML page to mislead users through false interface elements. The vulnerability is rated Low severity by the Chromium security team, with a CVSS score of 4.3, and carries a negligible exploitation probability (EPSS 0.05%, 15th percentile). No public exploit code exists and the vulnerability is not listed in the CISA KEV catalog, making real-world exploitation highly unlikely outside of sophisticated, chained attack scenarios.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Content Security Policy bypass in Google Chrome prior to 149.0.7827.53 stems from an inappropriate implementation in the browser's Permissions subsystem, enabling a remote attacker to circumvent CSP restrictions through a crafted HTML page. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) confirms the impact is limited to a partial integrity violation - no confidentiality or availability consequences are indicated. No public exploit identified at time of analysis; EPSS at 0.01% (2nd percentile) and Chromium's own 'Low' severity rating together indicate very low near-term exploitation likelihood.

Authentication Bypass Google Chrome
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's Cast component exposes users to limited cross-origin integrity violations via a crafted HTML page, affecting all desktop Chrome versions prior to 149.0.7827.53. An unauthenticated remote attacker can circumvent the browser's fundamental cross-origin boundary by exploiting insufficient input validation in the Cast subsystem, achieving a low-severity integrity impact against a visiting user. No public exploit has been identified at time of analysis, and the EPSS score of 0.02% (6th percentile) combined with Chromium's own 'Low' severity rating indicate minimal real-world exploitation risk.

Authentication Bypass Google Chrome
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

File System Access API in Google Chrome prior to 149.0.7827.53 allows a remote attacker to bypass discretionary access control (DAC) by convincing a user to perform specific UI gestures on a crafted HTML page. The CVSS vector (I:H, C:N, A:N) confirms the impact is limited to unauthorized file integrity compromise - an attacker could write or modify local files beyond what the user explicitly permitted. No public exploit code exists and EPSS is 0.02% (4th percentile), aligning with Chromium's own internal 'Low' severity rating, indicating limited real-world exploitation likelihood at time of analysis.

Authentication Bypass Google Chrome
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome prior to 149.0.7827.53 allows a remote unauthenticated attacker to circumvent browser-enforced navigation controls by delivering a crafted HTML page to a victim. The flaw is classified by Google as an inappropriate implementation in the browser component, carrying a CVSS 4.3 (Medium) with limited integrity impact and no confidentiality or availability consequence. No public exploit has been identified at time of analysis, EPSS exploitation probability stands at 0.02% (4th percentile), and Google's internal Chromium severity rating is Low - consistent signals pointing to a low-urgency, routine-patch item outside of specialized deployment contexts.

Authentication Bypass Google Chrome
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Sandbox escape in Google Chrome's GPU process prior to version 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page that triggers an integer overflow. The flaw, tagged as a buffer overflow with information disclosure potential, requires user interaction and a chained renderer compromise, and no public exploit has been identified at time of analysis despite Chromium rating the underlying severity as Low.

Information Disclosure Google Buffer Overflow +3
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Cross-origin data leakage in Google Chrome's Storage Access API affects desktop versions prior to 149.0.7827.53, enabling a remote attacker who has already compromised the renderer process to exfiltrate sensitive cross-origin information via a specially crafted HTML page. Google rates the underlying Chromium severity as Low, though NVD assigns CVSS 7.5 due to the unauthenticated network vector, and no public exploit identified at time of analysis.

Information Disclosure Google Red Hat +2
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

UI spoofing in Google Chrome's Permissions implementation prior to version 149.0.7827.53 allows a remote, unauthenticated attacker to deceive users through manipulated browser permission dialogs via a crafted HTML page. Exploitation requires user interaction - a victim must visit a malicious page - and the real-world impact is limited to low-integrity outcomes such as misleading users into granting or denying permissions under false pretenses. No public exploit code exists and this vulnerability has not been added to the CISA KEV catalog at time of analysis.

Information Disclosure Google Red Hat +2
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Permissions subsystem (prior to 149.0.7827.53) enables remote unauthenticated attackers to read data across origin boundaries via a crafted HTML page. The flaw, classified as a race condition (CWE-362) in the Permissions implementation, undermines the browser's Same-Origin Policy enforcement - a foundational web isolation mechanism. No public exploit identified at time of analysis; a vendor-released patch is available in version 149.0.7827.53, and Google has rated this Low severity in Chromium security terms.

Information Disclosure Google Race Condition +3
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Content Settings policy enforcement bypass in Google Chrome prior to 149.0.7827.53 enables remote attackers to circumvent discretionary access control by delivering a crafted HTML page to a victim who must interact with it. Rooted in CWE-284 (Improper Access Control), the flaw affects Chrome's Content Settings subsystem - which governs site-level permissions such as cookies, notifications, and script access - yielding a limited integrity impact with no confidentiality or availability consequences. No public exploit has been identified and the vulnerability is absent from CISA KEV; the vendor itself rates this as Low severity, consistent with the CVSS 4.3 base score.

Authentication Bypass Google Red Hat +2
NVD
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Insufficient policy enforcement in Google Chrome's Password Manager (versions prior to 149.0.7827.53) allows a remote attacker who has already compromised the renderer process to bypass discretionary access control via a crafted HTML page, resulting in limited confidentiality exposure. This is a chained vulnerability: exploitation is contingent on a prior renderer process compromise, which substantially elevates attack complexity and limits realistic blast radius. No public exploit code exists and this CVE is not listed in the CISA KEV catalog. Google has rated this Low severity and released a fix in Chrome 149.0.7827.53.

Authentication Bypass Google Chrome
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Information disclosure in Google Chrome DevTools prior to version 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to read potentially sensitive data from process memory by serving a crafted HTML page. The flaw stems from a use-after-free condition (CWE-416) in DevTools, and while Google rates the underlying Chromium severity as Low, the NVD CVSS of 9.6 reflects the cross-origin scope change possible when chained with a prior renderer compromise. No public exploit identified at time of analysis.

Information Disclosure Use After Free Memory Corruption +4
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

Use-after-free in the Network component of Google Chrome prior to version 149.0.7827.53 enables an attacker who has already compromised the renderer process to read potentially sensitive data from process memory by delivering a crafted HTML page. The Changed scope (S:C) in the CVSS vector confirms the vulnerability crosses security boundaries - specifically from the renderer sandbox into the Network process - making this a secondary exploitation step rather than an initial access vector. No public exploit code exists and the vulnerability is not listed in the CISA KEV catalog; Google has released a patched stable channel build.

Denial Of Service Use After Free Memory Corruption +4
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Navigation restriction bypass in Google Chrome's Lens component prior to version 149.0.7827.53 allows a remote attacker to circumvent browser security boundaries via a crafted HTML page. The flaw requires user interaction (UI:R) to trigger, but no authentication, and Google classifies the Chromium security severity as Low despite the NVD CVSS of 8.8. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Authentication Bypass Google Red Hat +2
NVD
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Cross-origin data leakage in Google Chrome's CustomTabs component on Android exposes sensitive information to remote attackers via a crafted HTML page. Affected versions are all Chrome for Android releases prior to 149.0.7827.53, where insufficient policy enforcement in the CustomTabs API fails to uphold cross-origin isolation guarantees. No public exploit identified at time of analysis and no confirmed active exploitation (CISA KEV not listed); the EPSS score of 0.03% (11th percentile) and a CVSS score of 3.1 (Low) together indicate low real-world exploitation likelihood.

Information Disclosure Google Chrome
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's IndexedDB implementation affects all versions prior to 149.0.7827.53, enabling an attacker who has already compromised the renderer process to cross origin boundaries via a crafted HTML page. The integrity-only impact (C:N/I:H/A:N) means a successful exploitation could allow unauthorized writes or data manipulation across origins, but does not directly expose confidential data. No public exploit code has been identified at time of analysis, and Google's own Chromium security team rated this Low severity; a vendor-released patch is available at version 149.0.7827.53.

Authentication Bypass Google Red Hat +2
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

UI spoofing in Google Chrome's Payments component prior to version 149.0.7827.53 enables a remote unauthenticated attacker to mislead users about payment interface elements via a crafted HTML page. The vulnerability stems from inappropriate implementation logic (CWE-451) that allows visual misrepresentation of critical payment-related UI, potentially facilitating phishing or payment fraud against end users who interact with a malicious page. No public exploit code has been identified at time of analysis, and Chromium's internal severity rating is Low, consistent with its limited integrity-only, user-interaction-dependent impact.

Information Disclosure Google Red Hat +2
NVD
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Same-origin policy bypass in Google Chrome's WebAuthentication component affects all Chrome versions prior to 149.0.7827.53, exploitable only by a remote attacker who has already compromised the renderer process. Insufficient input validation in the WebAuthn subsystem allows crafted HTML pages to circumvent same-origin restrictions, resulting in limited confidentiality disclosure (C:L). Chromium's own severity classification is Low, consistent with the CVSS 3.1 score of 3.1, and no public exploit or CISA KEV listing has been identified at time of analysis. The mandatory prerequisite of renderer process compromise significantly constrains the realistic attacker population to sophisticated, multi-stage threat actors.

Authentication Bypass Google Chrome
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome's Downloads subsystem prior to version 149.0.7827.53 enables a remote unauthenticated attacker to circumvent browser navigation controls by luring a user to a crafted HTML page. The flaw is rooted in an inappropriate implementation classified as CWE-346 (Origin Validation Error), meaning Chrome fails to properly validate the origin of requests or data within the Downloads flow. Rated Medium by CVSS (5.4) and Low by Chromium's own severity scale, no public exploit code or CISA KEV listing has been identified at time of analysis.

Authentication Bypass Google Red Hat +2
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Cross-origin data disclosure in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to leak data across origin boundaries by serving a crafted HTML page through the Plugins component. No public exploit has been identified at time of analysis, and Chromium rates the underlying issue as Low severity despite the NVD CVSS of 7.5. The flaw stems from insufficient validation of untrusted input (CWE-20) within Chrome's plugin handling path.

Information Disclosure Google Red Hat +2
NVD VulDB
EPSS 0% CVSS 8.0
HIGH PATCH This Week

Privilege escalation in Google Chrome's Cast component (versions prior to 149.0.7827.53) allows an adjacent network attacker to elevate privileges by delivering a crafted HTML page that exploits insufficient input validation. Exploitation requires the victim to interact with the malicious content, and no public exploit has been identified at time of analysis despite a CVSS score of 8.0. Google has classified the Chromium security severity as Low, suggesting the practical impact is more constrained than the numeric score implies.

Google Privilege Escalation Red Hat +2
NVD
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Site isolation bypass in Google Chrome's Loader component (versions prior to 149.0.7827.53) allows a remote attacker who has already compromised the renderer process to escape Chrome's cross-site data boundary via a crafted HTML page. The vulnerability stems from insufficient validation of untrusted input in the Loader, enabling a post-exploitation primitive that leaks limited confidentiality data across site boundaries. With a CVSS score of 3.1 (Low), EPSS at 0.02% (6th percentile), no CISA KEV listing, and Chromium's own classification as Low severity, this represents a low-urgency chained-exploit stepping stone rather than a standalone critical threat; no public exploit identified at time of analysis.

Authentication Bypass Google Chrome
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Privilege escalation in Google Chrome prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to escape sandbox-style restrictions via the Extensions subsystem using a crafted HTML page. The flaw requires user interaction and high attack complexity, and is rated Low severity by the Chromium team despite the 7.5 CVSS score; no public exploit identified at time of analysis.

Google Privilege Escalation Red Hat +2
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Inappropriate implementation in Google Chrome's DevTools component prior to version 149.0.7827.53 allows a crafted Chrome Extension to access and read sensitive data from process memory. Exploitation requires social engineering a target user into installing a malicious extension, after which the extension can invoke under-guarded DevTools APIs to extract potentially sensitive in-memory content such as credentials, tokens, or session data. No public exploit has been identified at time of analysis, and the EPSS score of 0.01% indicates very low observed exploitation probability; however, the confidentiality impact is rated High by CVSS.

Authentication Bypass Google Red Hat +2
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Remote code execution in Google Chrome on macOS prior to 149.0.7827.53 allows a remote attacker to run arbitrary code by tricking a user into interacting with a malicious file, due to an inappropriate implementation in the Safe Browsing component. No public exploit identified at time of analysis, and EPSS exploitation probability is very low (0.04%, 12th percentile), though the CVSS base score of 8.1 reflects high confidentiality and integrity impact. Chromium internally rated the security severity as Low, suggesting practical exploitability is constrained despite the high CVSS.

Code Injection Google RCE +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Tab Hover Cards in Google Chrome prior to 149.0.7827.53 render domain names incorrectly, enabling a remote unauthenticated attacker to spoof displayed domain identity via a crafted domain name, misleading users about the true destination of a browser tab. CVSS rates Integrity impact as High (I:H), reflecting the real deception potential in phishing scenarios, while Chromium itself labels this Low severity - a notable contrast worth flagging. No public exploit identified at time of analysis, and EPSS at 0.03% (11th percentile) reflects minimal current exploitation interest.

Information Disclosure Google Red Hat +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Same-origin policy bypass in the PreviewTab component of Google Chrome for Android (versions prior to 149.0.7827.53) enables a remote unauthenticated attacker to violate cross-origin isolation and corrupt content integrity. Exploitation requires social engineering - the victim must visit a crafted HTML page and be manipulated into performing specific UI gestures within the PreviewTab interface. The CVSS vector scores high integrity impact (I:H) with no confidentiality or availability impact, indicating an attacker can alter or inject content across origin boundaries but cannot directly exfiltrate data. No public exploit code or CISA KEV listing has been identified; EPSS sits at 0.02% (4th percentile), reflecting very low current exploitation probability.

Authentication Bypass Google Red Hat +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Domain spoofing in Google Chrome's WebUI component (versions prior to 149.0.7827.53) allows unauthenticated remote attackers to display a misleading domain name in the browser UI by delivering a crafted domain to a victim. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) assigns High integrity impact, reflecting the ability to undermine a user's origin-trust decisions - the cornerstone of browser security. No public exploit code exists and EPSS sits at 0.03% (10th percentile), consistent with Google's own 'Low' Chromium severity rating; risk is realistic but non-urgent outside phishing-focused threat models.

Information Disclosure Google Red Hat +2
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Remote code execution in Google Chrome on Linux versions prior to 149.0.7827.53 allows a remote attacker to exploit a use-after-free condition in the Chromoting component via malicious network traffic. The flaw carries a CVSS 3.1 score of 8.1 (high) with no public exploit identified at time of analysis and an EPSS probability of 0.04%, though Google rates the Chromium severity as Low. The vendor has shipped a fix in the stable channel update for desktop.

Google Memory Corruption RCE +5
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's Network component (versions prior to 149.0.7827.53) enables a post-compromise attacker who already controls the renderer process to subvert cross-origin enforcement via a crafted HTML page. The CVSS integrity impact is rated High (I:H), but exploitation is gated behind a required renderer-process pre-compromise, substantially raising the real-world attack bar. No public exploit code exists and no CISA KEV listing is present; EPSS stands at 0.02% (6th percentile), consistent with Google's own Low severity rating for this issue.

Authentication Bypass Google Red Hat +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Domain spoofing via Tab Strip UI misrepresentation in Google Chrome prior to 149.0.7827.53 enables remote unauthenticated attackers to deceive users into believing they are visiting a legitimate domain by serving a crafted HTML page that corrupts the displayed origin in the tab strip. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) confirms network-accessible exploitation requiring no privileges but requiring user interaction, with integrity impact reflecting successful identity deception rather than data exfiltration or code execution. No public exploit code exists and EPSS at 0.03% (11th percentile) reflects negligible observed exploitation activity; this is not currently listed in the CISA KEV catalog.

Information Disclosure Google Red Hat +2
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

UI spoofing in Google Chrome's PointerLock API prior to version 149.0.7827.53 allows an attacker who has already compromised the renderer process to manipulate browser UI presentation via a crafted HTML page. The CVSS score of 4.3 (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) reflects limited integrity-only impact with no confidentiality or availability consequences, and Google itself rated this 'Low' severity. No public exploit has been identified and the EPSS score of 0.05% (15th percentile) confirms very low real-world exploitation probability at time of analysis.

Information Disclosure Google Red Hat +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Site isolation bypass in Google Chrome's Navigation component allows a remote attacker who has already compromised the renderer process to break Chrome's cross-origin security boundary via a crafted HTML page. Affected versions are all Chrome releases prior to 149.0.7827.53. The CVSS vector (I:H) reflects high integrity impact against protected origins, but the real-world risk is substantially gated by the prerequisite of renderer process compromise - a condition Google itself rates as 'Low' severity in Chromium's internal classification. No public exploit code or CISA KEV listing has been identified at time of analysis.

Authentication Bypass Google Red Hat +2
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome prior to 149.0.7827.53 allows remote unauthenticated attackers to circumvent Chrome's built-in navigation controls by delivering a crafted HTML page to a victim. The flaw stems from an inappropriate implementation in Chrome's Navigation subsystem (CWE-693: Protection Mechanism Failure), yielding low integrity impact with no confidentiality or availability consequences. No public exploit has been identified at time of analysis and EPSS exploitation probability is 0.02% (4th percentile), consistent with Google Chromium's own Low severity classification for this issue.

Authentication Bypass Google Red Hat +2
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Remote code execution in Google Chrome on Windows prior to version 149.0.7827.53 allows a remote attacker to run arbitrary code when a victim is lured into performing specific UI gestures involving a malicious file delivered through the PlatformIntegration component. The flaw stems from improper input validation (CWE-20) and, while a vendor patch is available, no public exploit has been identified at time of analysis and EPSS scoring (0.04%) indicates very low near-term exploitation probability.

Google Microsoft RCE +3
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Site isolation bypass in Google Chrome's Fenced Frames component allows an attacker who has already compromised the renderer process to cross origin boundaries via a crafted HTML page. Affected versions are all Chrome releases prior to 149.0.7827.53 on desktop platforms. No public exploit code has been identified at time of analysis, and EPSS sits at a low 0.02% (4th percentile), consistent with Chromium's own 'Low' severity rating despite the 6.5 CVSS score - real-world risk is contingent on a separate, preceding renderer exploit.

Authentication Bypass Google Red Hat +2
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

UI spoofing in Google Chrome's File Input component (versions prior to 149.0.7827.53) enables remote attackers to misrepresent security-critical interface elements to users through specially crafted HTML pages. The attacker must convince a target to perform specific UI gestures - such as drag-and-drop or deliberate click sequences - to trigger incorrect rendering of the browser's file selection security UI. No public exploit identified at time of analysis; EPSS at 0.03% (11th percentile) signals very low exploitation probability, consistent with no CISA KEV listing.

Information Disclosure Google Red Hat +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Domain spoofing in Google Chrome's Cronet networking library on Android (versions prior to 149.0.7827.53) enables remote unauthenticated attackers to misrepresent domain names to victims browsing on Android devices. The CVSS vector (AV:N/AC:L/PR:N/UI:R/I:H) confirms high integrity impact with no privileges required, contingent on victim interaction with a crafted URL. EPSS at 0.03% (11th percentile) and no CISA KEV listing indicate no public exploitation at time of analysis, making this primarily a targeted phishing-enablement risk rather than an actively weaponized vector.

Information Disclosure Google Red Hat +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome for iOS prior to version 149.0.7827.53 enables a remote unauthenticated attacker to read sensitive data from cross-origin resources by tricking a user into visiting a crafted HTML page. The flaw stems from an inappropriate implementation in the iOS-specific Chrome code path (CWE-346: Origin Validation Error), undermining the browser's Same-Origin Policy enforcement on Apple's platform. No public exploit code exists and no active exploitation is confirmed; with an EPSS of 0.03% (11th percentile), real-world risk is currently assessed as low despite the high confidentiality impact in the CVSS scoring.

Apple Information Disclosure Google +3
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page that abuses Reading Mode's insufficient input validation. The CVSS 9.6 rating reflects the scope-changing impact (S:C) when chained from a renderer compromise, though EPSS is very low (0.05%) and no public exploit identified at time of analysis. Chromium rates the underlying issue Medium severity, reflecting that prior renderer compromise is a prerequisite.

Information Disclosure Google Red Hat +2
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's DevTools component (prior to 149.0.7827.53) enables an attacker to bypass same-origin policy enforcement through a crafted malicious extension. Exploitation requires convincing a target user to install the attacker-controlled extension, after which cross-origin data can be exfiltrated via insufficient DevTools policy controls. No public exploit code has been identified at time of analysis, and the EPSS score of 0.01% (1st percentile) indicates very low observed exploitation probability; the vulnerability is not listed in the CISA KEV catalog.

Authentication Bypass Google Red Hat +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.53 stems from an integer overflow in the V8 JavaScript engine that allows a remote attacker to execute arbitrary code within the renderer sandbox via a crafted HTML page. The flaw requires user interaction (visiting a malicious page) and currently has no public exploit identified at time of analysis, with an EPSS score of 0.04% indicating very low near-term exploitation probability. Chromium rates the security severity as Medium despite the 8.8 CVSS score, and SSVC indicates no observed exploitation though technical impact is total.

Google RCE Chrome
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Safe Browsing bypass in Google Chrome prior to 149.0.7827.53 allows a remote attacker to circumvent discretionary access control protections by delivering a specially crafted RAR file to a victim who interacts with it. The CVSS vector (AV:N/AC:L/PR:N/UI:R) confirms no authentication or elevated privileges are required on the attacker side, but exploitation depends on user interaction - the victim must engage with the malicious RAR file. The integrity impact is rated High (I:H) with no confidentiality or availability impact, indicating the primary risk is bypassing file-based access controls enforced by the Safe Browsing subsystem. No public exploit identified at time of analysis, and EPSS at 0.02% (4th percentile) reflects very low observed exploitation probability.

Authentication Bypass Google Red Hat +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Sensitive information disclosure in Google Chrome's Passwords component (prior to 149.0.7827.53) allows a remote attacker who has already compromised the renderer process to read potentially sensitive data - including password material - from process memory by delivering a crafted HTML page. The attack carries a CVSS 6.5 (Medium) rating with high confidentiality impact and no integrity or availability consequence. No public exploit has been identified at time of analysis, and EPSS places exploitation probability at 0.03% (11th percentile), consistent with the non-trivial prerequisite of prior renderer compromise.

Information Disclosure Google Red Hat +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Memory information disclosure in Google Chrome's Codecs component affects all desktop versions prior to 149.0.7827.53, enabling remote unauthenticated attackers to read potentially sensitive data from browser process memory when a user visits a specially crafted HTML page. The root cause is a use-after-free (CWE-416) in the media codec subsystem, yielding high confidentiality impact with no integrity or availability consequences per CVSS. EPSS is very low at 0.03% (11th percentile) and SSVC confirms no active exploitation, placing this firmly in the routine patch category despite its Medium severity score.

Denial Of Service Use After Free Memory Corruption +4
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome versions prior to 149.0.7827.53 allows remote attackers to break out of the browser's renderer sandbox by sending malicious network traffic processed by the Autofill component. The flaw is rated CVSS 9.6 due to scope change and high impact across confidentiality, integrity, and availability, though Chromium itself assigns it Medium severity and EPSS exploitation probability is currently very low (0.05%). No public exploit identified at time of analysis, but a vendor-released patch is available.

Information Disclosure Google Red Hat +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage via ServiceWorker policy bypass in Google Chrome affects all desktop versions prior to 149.0.7827.53. Insufficient policy enforcement in Chrome's ServiceWorker API allows unauthenticated remote attackers to read sensitive cross-origin data from a victim's browser session by directing the victim to a crafted HTML page. EPSS exploitation probability is very low at 0.03% (11th percentile), no public exploit code has been identified, and no CISA KEV listing exists at time of analysis - making this a moderate confidentiality risk that warrants patching but is not an immediate emergency for most organizations.

Information Disclosure Google Red Hat +2
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Universal Cross-Site Scripting (UXSS) in Google Chrome for iOS prior to 149.0.7827.53 allows a remote, unauthenticated attacker to inject arbitrary scripts or HTML across origin boundaries by delivering a crafted QR code and convincing the target to perform specific UI gestures within the browser. The CVSS Scope:Changed rating confirms this bypasses the same-origin policy, meaning injected scripts can access sessions and data from other open origins. No public exploit code has been identified at time of analysis, and the EPSS score of 0.07% (22nd percentile) indicates low observed exploitation probability, though the attack is fully network-accessible once social engineering is achieved. Note: the 'RCE' tag attached to this CVE is inconsistent with the description, which describes UXSS - not OS-level code execution - and should be treated as a tagging error.

Apple Google RCE +3
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome for iOS (versions prior to 149.0.7827.53) exploits an inappropriate implementation within the Signin component, enabling a remote attacker to circumvent navigation controls by delivering a crafted HTML page to a victim. Per CVSS (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N), no authentication is required by the attacker, but user interaction is necessary - the victim must visit or load the malicious page. No public exploit has been identified at time of analysis, SSVC reports exploitation as none, and the EPSS score of 0.02% (4th percentile) indicates very low likelihood of opportunistic exploitation; nevertheless, the high integrity impact warrants prompt patching on all managed iOS Chrome deployments.

Apple Authentication Bypass Google +3
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's GPU implementation on macOS allows remote unauthenticated attackers to exfiltrate sensitive cross-origin information by luring a user to a crafted HTML page. Affected are all Chrome releases on Mac prior to 149.0.7827.53. The vulnerability stems from an inappropriate GPU implementation (CWE-200) and carries no publicly available exploit at time of analysis; EPSS sits at 0.03% (11th percentile), indicating low current exploitation probability. No active exploitation has been confirmed by CISA KEV.

Information Disclosure Google Red Hat +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Sandbox escape in Google Chrome for iOS prior to 149.0.7827.53 allows a remote attacker who lures a victim to a malicious page to potentially break out of Chrome's renderer sandbox via crafted HTML. The flaw is rated CVSS 8.8 (High) due to high confidentiality, integrity, and availability impact, though Chromium internally classifies severity as Medium and EPSS exploitation probability is currently very low (0.05%). No public exploit identified at time of analysis.

Apple Information Disclosure Google +3
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.53 stems from a use-after-free condition in the ServiceWorker component that can be triggered by a malicious browser extension. An attacker who convinces a user to install a crafted Chrome Extension can achieve arbitrary code execution within the renderer context. No public exploit has been identified at time of analysis and EPSS exploitation probability is very low at 0.01%, but the high CVSS score (8.8) reflects the severe potential impact.

Google Memory Corruption RCE +5
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's WebRTC subsystem (versions prior to 149.0.7827.53) allows a remote unauthenticated attacker to read data across origin boundaries when a victim visits a crafted HTML page. The vulnerability carries a CVSS 6.5 Medium score with high confidentiality impact, but mandatory user interaction prevents automated mass exploitation - consistent with SSVC Automatable: no and an EPSS of 0.03% (10th percentile). No public exploit code exists and this CVE is not listed in the CISA Known Exploited Vulnerabilities catalog at time of analysis.

Information Disclosure Google Red Hat +2
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's WebRTC implementation allows a network-positioned attacker to extract sensitive cross-origin information via crafted malicious network traffic. Affected versions are all Chrome releases prior to 149.0.7827.53; the fix is available in the stable channel update. No public exploit exists and no active exploitation has been identified - EPSS sits at 0.02% (4th percentile) and CISA SSVC assesses exploitation as none and automation as not feasible, placing real-world urgency well below the raw CVSS confidentiality impact suggests.

Information Disclosure Google Red Hat +2
NVD VulDB
Page 1 of 44 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy