Skip to main content

Chrome

3936 CVEs product

Monthly

CVE-2026-11096 MEDIUM PATCH This Month

Out-of-bounds read in the WebRTC component of Google Chrome prior to 149.0.7827.53 exposes potentially sensitive process memory contents to remote attackers. Exploitation requires no authentication (CVSS PR:N) but does require user interaction - a victim must visit a specially crafted HTML page (CVSS UI:R). The confidentiality impact is rated High (C:H) with no integrity or availability consequence, meaning a successful attack leaks memory contents rather than enabling code execution. No public exploit identified at time of analysis, and EPSS at 0.03% (10th percentile) reflects low observed exploitation probability.

Information Disclosure Google Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11095 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page processed by the codec subsystem. The flaw requires user interaction (visiting a malicious page) and a prior renderer compromise, but if chained successfully it enables full code execution on the host with a scope change. No public exploit identified at time of analysis and EPSS probability is very low (0.05%), but the 9.6 CVSS reflects the high impact of a successful sandbox escape.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11094 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Windows prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a use-after-free in the Codecs component triggered by a crafted HTML page. The flaw requires user interaction (visiting a malicious page) and chains with a prior renderer compromise; no public exploit identified at time of analysis and EPSS exploitation probability is very low (0.03%, 11th percentile).

Google Memory Corruption Use After Free Microsoft Denial Of Service +1
NVD VulDB
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11093 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Printing subsystem (all versions prior to 149.0.7827.53) enables a remote attacker who has already compromised the renderer process to exfiltrate sensitive cross-origin data by serving a crafted HTML page. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) reflects high confidentiality impact with no integrity or availability loss, though the real-world attack requires a pre-compromised renderer - making this a second-stage chaining vulnerability rather than a standalone initial-access vector. No public exploit code or CISA KEV listing has been identified, and EPSS at 0.05% (15th percentile) confirms low current exploitation probability.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11092 HIGH PATCH This Week

Privilege escalation in Google Chrome DevTools versions prior to 149.0.7827.53 allows attackers to abuse insufficient policy enforcement through a malicious browser extension. The flaw requires user interaction to install a crafted extension, after which the attacker can gain elevated privileges within the browser context. No public exploit identified at time of analysis, and EPSS scoring (0.01%) indicates very low near-term exploitation probability despite the high CVSS rating.

Google Privilege Escalation Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-11091 HIGH PATCH This Week

Out-of-bounds memory read in the Dawn WebGPU implementation of Google Chrome prior to 149.0.7827.53 allows a remote attacker to access memory outside intended bounds via a crafted HTML page. Exploitation requires the victim to visit an attacker-controlled page, and no public exploit identified at time of analysis. Google rates the Chromium-internal severity as Medium, while NVD assigns CVSS 8.8 reflecting the broad impact on confidentiality, integrity, and availability if successfully triggered.

Information Disclosure Google Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-11090 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's ANGLE graphics library (versions prior to 149.0.7827.53) allows a remote unauthenticated attacker to read memory across origin boundaries by luring a victim to a crafted HTML page. The root cause is an uninitialized variable (CWE-457) within ANGLE - Chromium's graphics translation layer - which may retain residual data from prior allocations, exposing sensitive cross-origin content. No public exploit code exists and no active exploitation is confirmed (CISA KEV absent); EPSS is 0.03% (11th percentile), indicating low current real-world exploitation pressure.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11089 MEDIUM PATCH This Month

Uninitialized memory read in Google Chrome's Media component exposes sensitive process memory contents to attackers who have already compromised the renderer process. Specifically, Chrome versions prior to 149.0.7827.53 fail to initialize memory in the Media subsystem, enabling a secondary attacker-controlled read of arbitrary process memory via a crafted HTML page. EPSS stands at 0.03% (11th percentile), no public exploit has been identified, and this vulnerability is not listed in the CISA KEV catalog; the vendor-released patch is available in Chrome 149.0.7827.53.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11088 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's ANGLE graphics layer prior to version 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page. The flaw stems from an integer overflow (CWE-472) in ANGLE and requires user interaction (visiting a malicious page) plus a prior renderer compromise to chain into full sandbox escape. No public exploit identified at time of analysis, and EPSS is very low (0.03%), but Google rates the underlying issue as Medium severity within Chromium.

Google Buffer Overflow Red Hat Suse Chrome
NVD
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11087 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's ANGLE graphics component (versions prior to 149.0.7827.53) enables a remote attacker who has already compromised the renderer process to read sensitive data from other origins via a crafted HTML page. The root cause is CWE-457 (Use of Uninitialized Variable) in ANGLE - residual memory contents in the graphics pipeline can be read before proper initialization, exposing data across origin boundaries. EPSS is very low at 0.03% (11th percentile) and no public exploit or CISA KEV listing has been identified, but the cross-origin data access impact makes this relevant in chained exploit scenarios.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11086 HIGH PATCH This Week

Sandbox-confined arbitrary code execution in Google Chrome versions prior to 149.0.7827.53 stems from an inappropriate implementation in the Dawn WebGPU component, enabling a remote attacker who has already compromised the renderer process to run code inside the sandbox via a crafted HTML page. The CVSS 8.8 rating reflects high impact across confidentiality, integrity, and availability when combined with user interaction (visiting a page), though Chromium classified the underlying severity as Medium. No public exploit identified at time of analysis, but a vendor patch is available in the Stable channel update for desktop.

Google RCE Red Hat Suse Chrome
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11085 HIGH PATCH This Week

Out-of-bounds memory access in Google Chrome on Android before version 149.0.7827.53 allows remote attackers to corrupt GPU process memory by luring a user to a crafted HTML page that triggers an integer overflow. The flaw carries a CVSS 8.8 (high) rating with high confidentiality, integrity, and availability impact, but EPSS is only 0.03% and no public exploit identified at time of analysis, suggesting low near-term mass-exploitation likelihood despite the severity of the underlying bug class.

Google Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-11084 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Password Manager component (prior to 149.0.7827.53) exposes sensitive credential or form data to remote attackers through a crafted HTML page. The flaw stems from an inappropriate implementation classified under CWE-346 (Origin Validation Error), meaning the Password Manager fails to properly enforce same-origin boundaries when handling data. No privileges are required and exploitation is conditional only on user interaction with a malicious page; CVSS confidentiality impact is rated High, though no public exploit code exists and EPSS is at 0.03%, indicating low observed exploitation pressure at time of analysis.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11083 MEDIUM PATCH This Month

Cross-origin data leakage via Chrome's Password Manager component affects Google Chrome versions prior to 149.0.7827.53, exploitable when a user visits an attacker-crafted HTML page. The flaw stems from an inappropriate implementation that fails to enforce proper origin boundaries within the Password Manager, allowing a remote, unauthenticated attacker to read sensitive cross-origin data - potentially including credential-related information surfaced by the Password Manager. No public exploit code has been identified and no active exploitation is confirmed (not in CISA KEV), with EPSS at 0.03% (11th percentile), though the high confidentiality impact (C:H) warrants prompt patching given Chrome's massive deployment surface.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11082 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Android prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a race condition in the GPU process triggered by a crafted HTML page. The flaw is a use-after-free (CWE-416) reachable through normal web content rendering, and while no public exploit is identified at time of analysis, the EPSS percentile of 11% suggests low near-term opportunistic exploitation likelihood.

Information Disclosure Use After Free Memory Corruption Google Chrome
NVD VulDB
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11081 MEDIUM PATCH This Month

Same-Origin Policy bypass in Google Chrome's Canvas implementation affects all versions prior to 149.0.7827.53, allowing a remote unauthenticated attacker to violate cross-origin integrity guarantees through a crafted HTML page. The vulnerability carries a High integrity impact (I:H) with no confidentiality or availability consequence, meaning an attacker can write or manipulate cross-origin data rather than read it. No public exploit code has been identified at time of analysis, and EPSS at 0.02% (4th percentile) suggests minimal observed exploitation pressure currently.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11080 HIGH PATCH This Week

Heap corruption in Google Chrome for Android's WebView component prior to version 149.0.7827.53 allows remote attackers to potentially execute code or crash the browser by luring victims to a crafted HTML page. The flaw is a use-after-free (CWE-416) rated CVSS 8.8 due to network reach and high impact across confidentiality, integrity, and availability, though user interaction is required. No public exploit identified at time of analysis and EPSS exploitation probability is very low (0.03%).

Denial Of Service Use After Free Memory Corruption Google Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-11079 HIGH PATCH This Week

Out-of-bounds memory write in Google Chrome's codec component prior to version 149.0.7827.53 allows a remote attacker to corrupt memory by serving a crafted video file to a victim who visits a malicious page or views attacker-supplied media. The flaw stems from insufficient input validation in media codec parsing and carries a CVSS 8.8 rating reflecting high impact across confidentiality, integrity, and availability, though no public exploit identified at time of analysis and EPSS exploitation probability is very low at 0.05%.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-11078 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's FileSystem API implementation affects all desktop versions prior to 149.0.7827.53, exploitable by a remote attacker who has already achieved renderer process compromise. Delivering a crafted HTML page to a victim who interacts with it triggers the flaw, resulting in high-integrity cross-origin impact with no confidentiality or availability consequence. No public exploit code exists and EPSS sits at 0.02% (6th percentile), but the integrity impact and its role as a renderer-escape pivot make it relevant to multi-stage exploitation chains.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11077 HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker to execute arbitrary code within the renderer sandbox by serving a crafted HTML page that triggers a bad cast in the Dawn WebGPU implementation. The flaw carries a CVSS 8.8 rating with user interaction required (visiting a malicious page), and no public exploit has been identified at time of analysis despite Google rating the underlying Chromium severity as Medium. The vendor has released a patched stable channel build addressing this issue alongside other fixes.

Information Disclosure Google Buffer Overflow RCE Red Hat +2
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11076 HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.53 stems from a type confusion flaw in the CSS engine that lets a remote attacker run arbitrary code within the renderer sandbox by enticing a victim to load a crafted HTML page. The CVSS 8.8 score reflects network reach with low attack complexity but requires user interaction (UI:R) to visit the malicious page, and no public exploit identified at time of analysis. A vendor patch is available via the Chrome Stable channel update published in June 2026.

Google Memory Corruption RCE Red Hat Suse +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11075 MEDIUM PATCH This Month

Out-of-bounds read in Chrome's V8 JavaScript engine (versions prior to 149.0.7827.53) exposes sensitive process memory to remote attackers who can lure a victim to a crafted HTML page. The CVSS vector (PR:N/UI:R/C:H) confirms unauthenticated remote triggering with high confidentiality impact, though exploitation requires one click of user interaction. No public exploit identified at time of analysis, and EPSS sits at the 11th percentile (0.03%), suggesting low observed exploitation pressure despite the medium-severity classification.

Information Disclosure Google Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11074 HIGH PATCH This Week

Remote code execution in Google Chrome on Linux prior to version 149.0.7827.53 allows a remote attacker to exploit a use-after-free condition in the WebRTC component via a crafted HTML page. The flaw carries a CVSS 3.1 score of 8.8 with user interaction required, and while no public exploit has been identified at time of analysis, Chromium-class memory corruption bugs in WebRTC are historically high-value targets. Google has released a patched stable channel build, and Chromium itself rates the severity as Medium despite the higher NVD CVSS.

Google Memory Corruption RCE Use After Free Denial Of Service +3
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11073 MEDIUM PATCH This Month

Use-after-free in Google Chrome's WebGL component (prior to 149.0.7827.53) exposes process memory to remote attackers who can lure a user to a crafted HTML page. The vulnerability is limited to confidentiality - CVSS C:H/I:N/A:N - meaning an attacker can read potentially sensitive data from Chrome's process memory but cannot write or crash the process per the scored vector. No public exploit has been identified at time of analysis, and EPSS sits at 0.03% (10th percentile), indicating low observed exploitation pressure. Google has shipped a fix in the stable channel release 149.0.7827.53.

Denial Of Service Use After Free Memory Corruption Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11072 HIGH PATCH This Week

Local code execution in Google Chrome for Android prior to 149.0.7827.53 stems from a use-after-free in the WebView component, triggered when a victim opens a malicious file. Per CVSS 7.8 (AV:L/UI:R), exploitation requires local delivery plus user interaction, and there is no public exploit identified at time of analysis (EPSS 0.01%, not in CISA KEV).

Google Memory Corruption RCE Use After Free Denial Of Service +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-11071 HIGH PATCH This Week

Information disclosure in Google Chrome on Linux prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to read sensitive data from process memory by serving a crafted HTML page that triggers a use-after-free in the Base component. The flaw is rated Medium by Chromium but scored CVSS 8.8 in NVD, and no public exploit identified at time of analysis with an EPSS of 0.03%.

Denial Of Service Use After Free Memory Corruption Google Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-11070 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Windows versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer/network process to break out of the browser sandbox via crafted Chromoting (Chrome Remote Desktop) network traffic. The flaw is rated CVSS 9.6 due to the scope change from sandboxed process to host, though Google classifies the Chromium severity as Medium. EPSS is very low (0.05%) and no public exploit identified at time of analysis, but a vendor patch is available.

Information Disclosure Google Microsoft Chrome
NVD VulDB
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11069 MEDIUM PATCH This Month

Same-origin policy bypass in the Cast component of Google Chrome (prior to 149.0.7827.53) enables a remote unauthenticated attacker to violate cross-origin integrity protections via a crafted HTML page, requiring only that the target user visit the attacker-controlled page. The CVSS vector confirms high integrity impact with no confidentiality or availability consequence, indicating the attack allows unauthorized cross-origin writes or data manipulation rather than information disclosure. No public exploit code has been identified at time of analysis, and the EPSS score of 0.02% (6th percentile) signals low observed exploitation interest despite the medium-severity Chromium classification.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11068 HIGH PATCH This Week

Remote code execution in Google Chrome desktop versions prior to 149.0.7827.53 stems from a use-after-free flaw in the WebSockets implementation that an attacker can trigger by luring a victim to a crafted HTML page. Although code execution is constrained to Chrome's renderer sandbox, the CVSS 8.8 rating reflects high impact across confidentiality, integrity, and availability, and no public exploit identified at time of analysis. Google has shipped a fix in the stable channel, but the bug typically becomes a building block for full chain exploits when combined with a sandbox escape.

Google Memory Corruption RCE Use After Free Denial Of Service +3
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11067 MEDIUM PATCH This Month

Uninitialized memory read in Chrome's Dawn (WebGPU) component exposes process memory contents to remote unauthenticated attackers who can entice a user to visit a crafted HTML page. All Chrome desktop versions prior to 149.0.7827.53 are affected, with confidentiality impact rated High (C:H) due to potential exposure of sensitive in-process data such as credentials or session tokens. No public exploit code or active exploitation has been identified at time of analysis; EPSS at 0.03% (11th percentile) reflects low current exploitation pressure.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11066 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome prior to 149.0.7827.53 allows remote attackers to break out of the renderer sandbox via a crafted HTML page that exploits insufficient input validation in the ANGLE graphics layer. The flaw requires the victim to visit attacker-controlled content (UI:R) but no authentication, and the scope-changing CVSS 9.6 reflects the impact of escaping browser process isolation. EPSS is very low (0.05%, 15th percentile) and there is no public exploit identified at time of analysis.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11065 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome versions prior to 149.0.7827.53 enables a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page targeting a use-after-free in the ANGLE graphics layer. The flaw requires user interaction (visiting a malicious page) and changes scope, yielding high confidentiality, integrity, and availability impact on the host. No public exploit identified at time of analysis and EPSS probability is very low (0.03%, 11th percentile), but a vendor patch is available.

Denial Of Service Use After Free Memory Corruption Google Red Hat +2
NVD VulDB
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11064 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome for Android (prior to 149.0.7827.53) is enabled by a race condition in the GPU component, exploitable only after the attacker has already achieved renderer process compromise. Using a crafted HTML page, the attacker can then trigger the GPU race to read cross-origin data, constituting a second-stage information disclosure step in a broader attack chain. No public exploit code or CISA KEV listing exists at time of analysis; EPSS sits at 0.03% (11th percentile), consistent with limited real-world exploitation activity.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11063 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Windows before 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page that abuses the WebNN (Web Neural Network) API. The flaw stems from insufficient validation of untrusted input (CWE-20) reaching the WebNN component, and exploitation requires user interaction (visiting an attacker-controlled page) plus a prior renderer-compromise primitive. There is no public exploit identified at time of analysis, and the EPSS probability is very low (0.04%).

Information Disclosure Google Microsoft Chrome
NVD VulDB
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11062 MEDIUM PATCH This Month

Script and HTML injection into privileged Chrome pages is possible in Google Chrome prior to 149.0.7827.53 through insufficient policy enforcement in the Extensions subsystem. An attacker who convinces a user to install a crafted malicious extension can leverage this to inject content into otherwise-restricted privileged pages, compromising page integrity. EPSS is 0.01% (1st percentile), no KEV listing exists, and no public exploit has been identified at time of analysis - indicating low observed exploitation pressure despite the network-accessible attack vector.

Google Code Injection Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11061 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome versions prior to 149.0.7827.53 stems from a type confusion bug in the ANGLE graphics translation layer that a remote attacker can trigger via a crafted HTML page. Despite a CVSS of 9.6 and a vendor-released patch, EPSS is only 0.03% and no public exploit identified at time of analysis, though Chromium-rated Medium browser bugs are routinely targeted once details are public.

Information Disclosure Google Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11060 HIGH PATCH This Week

Remote code execution in Google Chrome on Windows prior to version 149.0.7827.53 allows a remote attacker to escape memory safety boundaries within the renderer sandbox via a crafted HTML page. The flaw stems from a use-after-free condition in the Media component and requires user interaction (visiting a malicious page); no public exploit has been identified at time of analysis. With a CVSS of 8.8 and confirmed Chromium classification, this is a typical browser memory-corruption bug that historically attracts exploit chains.

Google Memory Corruption RCE Use After Free Microsoft +4
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11059 HIGH PATCH This Week

Remote code execution in Google Chrome's Blink rendering engine prior to version 149.0.7827.53 allows a remote attacker to execute arbitrary code within the renderer sandbox by enticing a user to visit a crafted HTML page. The flaw is a use-after-free memory corruption issue (CWE-416) carrying a CVSS 8.8 score, with a vendor patch already shipped via the Chrome stable channel and no public exploit identified at time of analysis.

Google Memory Corruption RCE Use After Free Denial Of Service +3
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11058 HIGH PATCH This Week

Privilege escalation in Google Chrome on Windows prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via an integer overflow in the CredentialProvider component. Exploitation requires user interaction with a crafted HTML page and a prior renderer compromise, and no public exploit has been identified at time of analysis. Chromium rates the security severity as Medium despite the CVSS 7.5 score.

Google Microsoft Privilege Escalation Red Hat Suse +1
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-11057 MEDIUM PATCH This Month

Uninitialized memory use in Skia, Chrome's 2D graphics library, exposes process memory contents to a remote attacker who has already compromised the renderer process. Affected versions are all Chrome releases prior to 149.0.7827.53 on desktop platforms. An attacker leveraging this flaw can read potentially sensitive data from process memory - such as credentials, tokens, or page content - by delivering a crafted HTML page that triggers Skia's uninitialized memory path. No public exploit identified at time of analysis and EPSS stands at 0.03% (11th percentile), indicating low current exploitation pressure; however, the confidentiality impact is rated High by NVD.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11056 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Windows prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the Site Isolation sandbox via a crafted HTML page. The flaw stems from insufficient validation of untrusted input in the Site Isolation component (CWE-20) and is rated CVSS 9.6 due to scope change, though Chromium itself classifies the underlying severity as Medium. No public exploit has been identified at time of analysis and EPSS is very low (0.05%, 15th percentile), but the chained-exploit potential makes it a meaningful browser-security risk.

Information Disclosure Google Microsoft Chrome
NVD VulDB
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11055 HIGH PATCH This Week

Remote code execution in Google Chrome on Windows prior to 149.0.7827.53 allows attackers to run arbitrary code inside the renderer sandbox by luring a user to a crafted HTML page that triggers a use-after-free in the ANGLE graphics layer. The flaw carries a CVSS 8.8 score and requires user interaction (visiting a malicious page), and no public exploit identified at time of analysis. The sandbox containment limits direct system impact, but the bug is a strong candidate for chaining with a sandbox escape.

Google Memory Corruption RCE Use After Free Microsoft +4
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11054 HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker to execute arbitrary code inside the renderer sandbox by enticing a victim to visit a crafted HTML page that triggers a use-after-free condition in the WebRTC component. No public exploit identified at time of analysis, though the high CVSS score of 8.8 and the memory corruption class make this a priority browser patch. Chromium rates the security severity as Medium despite the CVSS score, suggesting sandbox containment limits real-world impact.

Google Memory Corruption RCE Use After Free Denial Of Service +3
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11052 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Windows versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page that triggers a type confusion in the GPU process. The CVSS score of 9.6 reflects the scope-changing nature of escaping the sandbox boundary, though exploitation requires user interaction (visiting a malicious page) and a pre-existing renderer compromise. No public exploit identified at time of analysis, and EPSS is low at 0.03%.

Microsoft Information Disclosure Google Memory Corruption Chrome
NVD VulDB
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11051 MEDIUM PATCH This Month

Out-of-bounds read in ANGLE (Google's graphics abstraction layer) within Chrome on Linux exposes sensitive process memory to remote attackers via a crafted HTML page. All Chrome for Linux versions prior to 149.0.7827.53 are affected; Windows and macOS are not in scope. The CVSS vector confirms unauthenticated remote exploitability at low complexity, though user interaction is required, and no public exploit has been identified at time of analysis - EPSS at 0.03% (11th percentile) signals minimal current exploitation pressure.

Information Disclosure Google Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11050 HIGH PATCH This Week

Remote code execution in Google Chrome's V8 JavaScript engine before version 149.0.7827.53 allows a remote attacker to execute arbitrary code within the renderer sandbox when a victim visits a crafted HTML page. The flaw is a use-after-free memory corruption issue rated CVSS 8.8 (High), and while no public exploit has been identified at time of analysis, V8 bugs of this class are historically high-value targets for exploit chains. SSVC indicates no observed exploitation, but technical impact is total within the sandbox boundary.

Google Memory Corruption RCE Use After Free Denial Of Service +3
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11049 HIGH PATCH This Week

Remote code execution in Google Chrome's Password Manager component (versions prior to 149.0.7827.53) allows a remote attacker to execute arbitrary code within the renderer sandbox by luring a victim to a crafted HTML page. The flaw stems from a use-after-free memory corruption condition (CWE-416) and carries a CVSS 3.1 score of 8.8. No public exploit identified at time of analysis, but a vendor patch has been released by Google.

Google Memory Corruption RCE Use After Free Denial Of Service +3
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11048 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's Extensions subsystem (versions prior to 149.0.7827.53) allows an attacker who socially engineers a user into installing a crafted malicious extension to violate cross-origin boundaries, enabling unauthorized integrity impact against content from other origins. The CVSS vector (I:H, C:N) confirms the impact is write/modify-only - sensitive data exfiltration is not a direct consequence. No public exploit code or active exploitation has been identified at time of analysis; EPSS is negligible at 0.01% (1st percentile), consistent with the social-engineering prerequisite limiting mass exploitation.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11047 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Windows prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. The flaw resides in the Base component and is rated Medium severity by Chromium despite the CVSS 9.6 score, reflecting the prerequisite of a prior renderer compromise. No public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.05%.

Information Disclosure Google Microsoft Chrome
NVD VulDB
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11046 HIGH PATCH This Week

Sandboxed arbitrary code execution in Google Chrome prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to run arbitrary code within the Chrome sandbox via a crafted HTML page processed by the Media component. The flaw stems from insufficient validation of untrusted input (CWE-20) and is rated Medium severity by Chromium despite an 8.8 CVSS, reflecting that it serves as a second-stage primitive rather than a standalone RCE; no public exploit identified at time of analysis.

Google RCE Red Hat Suse Chrome
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11045 MEDIUM PATCH This Month

Memory disclosure in Google Chrome's GPU component (versions prior to 149.0.7827.53) enables a remote attacker who has already compromised the renderer process to read sensitive data from process memory by delivering a crafted HTML page. The vulnerability stems from insufficient validation of untrusted input passed to the GPU subsystem, classified as CWE-20 (Improper Input Validation), and is rated Medium severity by the Chromium security team despite a CVSS Confidentiality impact of High - reflecting that successful exploitation requires a prior renderer compromise as a prerequisite. No public exploit code has been identified and EPSS probability stands at just 0.05% (15th percentile), indicating low current exploitation likelihood.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11044 MEDIUM PATCH This Month

Integer overflow in ANGLE (Google's graphics abstraction layer) within Chrome on macOS prior to 149.0.7827.53 enables remote information disclosure from process memory via crafted HTML pages. An unauthenticated remote attacker who induces user interaction can trigger out-of-bounds memory reads through a malicious webpage, potentially exposing credentials, session tokens, or other sensitive in-memory data. No active exploitation is confirmed (not listed in CISA KEV) and EPSS of 0.03% (11th percentile) reflects low real-world exploitation probability at time of analysis.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11043 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on macOS prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via an out-of-bounds write in ANGLE triggered by a crafted HTML page. The flaw carries a high CVSS of 9.6 due to scope change and full CIA impact, though no public exploit has been identified and EPSS exploitation probability remains very low at 0.03%.

Google Memory Corruption Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11042 HIGH PATCH This Week

Heap corruption in Google Chrome's Views component prior to version 149.0.7827.53 allows a remote attacker to potentially execute code in the renderer when a user is convinced to perform specific UI gestures on a crafted HTML page. The flaw is a use-after-free (CWE-416) carrying a CVSS 8.8 rating, but EPSS is very low at 0.03% (11th percentile) and no public exploit is identified at time of analysis. Google has shipped a patched stable channel build, and Chromium rates the underlying issue as Medium severity.

Denial Of Service Use After Free Memory Corruption Google Red Hat +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-11041 HIGH PATCH This Week

Sandbox escape in Google Chrome on Windows prior to 149.0.7827.53 enables a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page that exploits insufficient input validation in the Media component. The flaw requires user interaction (visiting a malicious page) and a prior renderer compromise, making it a second-stage capability typically chained with another bug; no public exploit identified at time of analysis and EPSS exploitation probability is low at 0.05%.

Information Disclosure Google Microsoft Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-11040 HIGH PATCH This Week

Sandbox escape in Google Chrome's ANGLE graphics layer prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. The flaw is a use-after-free (CWE-416) requiring user interaction to visit the malicious page, and no public exploit has been identified at time of analysis despite an EPSS score of 0.03% indicating very low near-term exploitation probability.

Denial Of Service Use After Free Memory Corruption Google Red Hat +2
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-11039 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Skia graphics library (prior to 149.0.7827.53) enables a remote attacker to read sensitive data from other origins by enticing a user to visit a crafted HTML page. The flaw stems from uninitialized memory use (CWE-457) in Skia, Chrome's 2D rendering engine, where residual memory contents can be exposed across security boundaries. No active exploitation has been confirmed (not in CISA KEV) and EPSS sits at 0.03% (11th percentile), indicating low real-world exploitation probability at time of analysis, though the confidentiality impact is rated High by CVSS.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11038 MEDIUM PATCH This Month

Subresource Integrity (SRI) policy enforcement failure in Google Chrome prior to 149.0.7827.53 enables remote attackers to bypass Content Security Policy protections via malicious network traffic. Affected users who visit attacker-influenced pages may have tampered scripts or resources loaded without the expected cryptographic hash validation that SRI is designed to enforce, undermining integrity guarantees that web applications depend on as a security boundary. No active exploitation is confirmed (not in CISA KEV), EPSS is very low at 0.02% (6th percentile), and a vendor patch is available at 149.0.7827.53.

Authentication Bypass Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11037 CRITICAL PATCH Act Now

Out-of-bounds write in Google Chrome's media Codecs component prior to version 149.0.7827.53 allows a remote attacker to potentially escape the renderer sandbox via a crafted video file. Successful exploitation requires the victim to load attacker-controlled video content, but the resulting scope change (S:C) means the attacker can break out of Chrome's renderer sandbox and impact resources beyond it. No public exploit has been identified at time of analysis and EPSS is very low (0.03%), but the high CVSS reflects the severe impact of a successful sandbox escape.

Google Memory Corruption Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11036 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome prior to 149.0.7827.53 enables remote unauthenticated attackers to violate cross-origin isolation boundaries through a crafted HTML page, producing high integrity impact with no confidentiality or availability loss. Rooted in an inappropriate DOM implementation (CWE-346: Origin Validation Error), the flaw allows a malicious page to cross origin boundaries and manipulate content or state belonging to a different origin. No public exploit code and no CISA KEV listing exist at time of analysis; the EPSS score of 0.02% (4th percentile) reinforces limited real-world exploitation pressure despite the medium CVSS 6.5 rating.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11035 HIGH PATCH This Week

Local privilege escalation in Google Chrome for Android prior to 149.0.7827.53 stems from an inappropriate implementation in the Custom Tabs component, where a crafted XML file processed by a local attacker can elevate privileges within the browser context. The flaw is rated CVSS 7.3 (Chromium severity Medium) and requires user interaction, with no public exploit identified at time of analysis and a very low EPSS score (0.02%, 4th percentile). A vendor patch is available in the Stable channel update referenced by the Chrome Releases advisory.

Google Privilege Escalation Chrome
NVD VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-11034 MEDIUM PATCH This Month

Universal Cross-Site Scripting (UXSS) in Google Chrome for Android's Tab Group Sync feature allows remote unauthenticated attackers to inject arbitrary scripts or HTML via malicious network traffic against Chrome versions prior to 149.0.7827.53. The CVSS Changed Scope (S:C) confirms that injected content escapes the vulnerable component's origin boundary, affecting other origins - the defining characteristic of UXSS, which is more severe than conventional XSS because it bypasses the browser-level same-origin policy rather than just application-level controls. No public exploit has been identified at time of analysis, and EPSS at 0.07% (22nd percentile) reflects low current exploitation probability; the vulnerability is not listed in CISA KEV.

Google Code Injection Chrome
NVD VulDB
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-11033 MEDIUM PATCH This Month

Uninitialized memory read in Chrome's WebML component on macOS exposes potentially sensitive process memory contents to remote attackers. Affected are all Chrome versions prior to 149.0.7827.53 on Mac; exploitation requires convincing a user to visit a specially crafted HTML page. No public exploit code or active exploitation (CISA KEV) has been identified, and the EPSS score of 0.03% (10th percentile) reflects low real-world exploitation likelihood at time of analysis.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11032 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Password Manager component (versions prior to 149.0.7827.53) enables unauthenticated remote attackers to access sensitive data across security origin boundaries when a victim visits a specially crafted HTML page. The flaw involves an inappropriate implementation of origin validation (CWE-346) within the Password Manager subsystem, potentially exposing saved credentials or autofill data to a malicious origin. No active exploitation has been confirmed - SSVC classifies exploitation as none and EPSS places this in the 11th percentile - though the High confidentiality impact in the CVSS vector reflects meaningful data exposure if triggered.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11031 MEDIUM PATCH This Month

UI spoofing in Google Chrome's Password Manager component (versions prior to 149.0.7827.53) allows remote unauthenticated attackers to manipulate browser interface elements via crafted malicious network traffic. The flaw stems from insufficient input validation (CWE-20) in the Password Manager subsystem, enabling an attacker to deceive victims about the legitimacy of password prompts or credential states. No public exploit code or active exploitation has been identified; EPSS at 0.05% (15th percentile) reflects low community-assessed exploitation probability, and the mandatory user interaction requirement prevents automated mass exploitation.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11030 HIGH PATCH This Week

Remote heap corruption in Google Chrome prior to 149.0.7827.53 allows attackers to exploit a use-after-free condition in the Network component via crafted network traffic when a user visits or interacts with attacker-controlled content. Rated CVSS 8.8 with a patch available from Google, though EPSS exploitation probability is currently very low (0.03%, 11th percentile) and no public exploit has been identified at time of analysis.

Denial Of Service Use After Free Memory Corruption Google Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-11028 HIGH PATCH This Week

Sandbox-contained arbitrary code execution in Google Chrome's Media component affects Linux and ChromeOS builds prior to 149.0.7827.53, where a use-after-free flaw can be triggered via a crafted HTML page. Exploitation requires that the attacker has already compromised the renderer process, meaning this bug functions as a second-stage primitive in a multi-vulnerability chain rather than a standalone RCE. No public exploit identified at time of analysis, and Chromium rates the internal severity as Medium despite the NVD CVSS of 8.8.

Google Memory Corruption RCE Use After Free Denial Of Service +3
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11027 MEDIUM PATCH This Month

Cross-origin data leakage in the Glic component of Google Chrome (prior to 149.0.7827.53) can be triggered by a remote attacker who has already compromised the renderer process, using a crafted HTML page to exfiltrate sensitive cross-origin content. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) reflects high confidentiality impact but masks the realistic complexity: renderer compromise is an explicit prerequisite, making this a chained exploit rather than a standalone attack. No active exploitation has been confirmed (CISA KEV absent, SSVC exploitation=none, EPSS 0.05% at 15th percentile), and a vendor-released patch is available.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11026 MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome's Extensions subsystem (all versions prior to 149.0.7827.53) enables circumvention of browser-enforced navigation controls when a user installs a crafted malicious extension. Rooted in CWE-284 (Improper Access Control), the flaw allows the extension to override navigation guards - potentially enabling unauthorized redirects or bypass of URL-based security policies - with a high integrity impact per CVSS (I:H). No public exploit has been identified at time of analysis, EPSS is 0.01% (1st percentile), and the vulnerability is not listed in CISA's KEV catalog, indicating low current exploitation momentum despite a medium CVSS score of 6.5.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11025 MEDIUM PATCH This Month

Content Security Policy bypass in Google Chrome for Android prior to 149.0.7827.53 allows a remote attacker to circumvent CSP restrictions by delivering a crafted HTML page to a victim user. The flaw resides in Chrome's Navigation subsystem, where policy enforcement is insufficient, enabling injection or execution of content that CSP headers would otherwise block. No public exploit has been identified at time of analysis, and EPSS sits at the 4th percentile, but the zero-privilege-required, network-accessible attack surface warrants prompt patching on Android deployments.

Authentication Bypass Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11024 HIGH PATCH This Week

Stack-based buffer overflow in the Skia graphics library shipped with Google Chrome versions prior to 149.0.7827.53 lets a remote attacker corrupt the renderer process stack by serving a crafted HTML page, with potential for arbitrary code execution within the sandbox. The flaw carries a CVSS 3.1 base score of 8.8 (network vector, user interaction required) and no public exploit identified at time of analysis, while a very low EPSS score of 0.03% (10th percentile) suggests no current mass-exploitation pressure despite the high impact rating.

Google Stack Overflow Buffer Overflow Chrome Red Hat +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-11023 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's WebAppInstalls component allows a remote attacker who has already compromised the renderer process to circumvent cross-origin protections via a crafted HTML page, yielding high integrity impact with no confidentiality or availability loss. All Chrome versions prior to 149.0.7827.53 are affected. No public exploit code has been identified and EPSS places this at the 6th percentile (0.02%), indicating very low observed exploitation probability; this is not listed in CISA KEV.

Authentication Bypass Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11022 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome DevTools (versions prior to 149.0.7827.53) enables a remote attacker who has already compromised the renderer process to cross origin boundaries via a crafted HTML page. The flaw stems from insufficient input validation (CWE-20) within the DevTools component, yielding a High integrity impact while leaving confidentiality and availability unaffected. No public exploit code exists at time of analysis, and EPSS sits at 0.02% (6th percentile), indicating low observed exploitation pressure; this vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog.

Authentication Bypass Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11021 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Windows prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page that exploits insufficient input validation in the GPU component. The CVSS 9.6 score reflects the scope change from renderer to host, but real-world exploitation requires chaining with a separate renderer compromise and user interaction. EPSS is low at 0.05% and no public exploit is identified at time of analysis.

Information Disclosure Google Microsoft Chrome Red Hat +1
NVD VulDB
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11020 MEDIUM PATCH This Month

Cross-origin data disclosure in Google Chrome's Extensions component (versions prior to 149.0.7827.53) enables a remote attacker to read sensitive data belonging to other origins by delivering a crafted XML file to a victim. The CVSS vector confirms network-reachable, unauthenticated access (AV:N/PR:N) with High confidentiality impact, though user interaction is required (UI:R). No public exploit has been identified at time of analysis and EPSS probability sits at a low 0.03% (11th percentile), indicating limited exploitation likelihood despite the meaningful confidentiality impact.

Information Disclosure Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11019 MEDIUM PATCH This Month

Domain spoofing in the Google Chrome Payments component on Android (versions prior to 149.0.7827.53) enables integrity manipulation of payment flows when an attacker has already compromised the renderer process. By serving a crafted HTML page, the attacker can make the Chrome Payments UI display a spoofed domain, potentially deceiving users into authorizing payments to attacker-controlled origins. EPSS stands at 0.03% (11th percentile), no public exploit code has been identified, and this CVE does not appear in the CISA KEV catalog.

Authentication Bypass Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11018 MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome prior to version 149.0.7827.53 enables a remote, unauthenticated attacker to circumvent browser navigation policies by delivering a crafted HTML page to a victim. The flaw resides in the 'Actor' component of the Chromium engine, where policy enforcement is insufficient, leading to a high-integrity-impact breach (CVSS I:H) without any compromise of confidentiality or availability. No public exploit code and no active exploitation have been identified at time of analysis; EPSS stands at 0.02% (4th percentile), reinforcing a currently low real-world exploitation probability.

Authentication Bypass Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11017 MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome's Link Preview feature allows a remote attacker who has already compromised the renderer process to circumvent intended browsing boundaries via a crafted HTML page. All Chrome versions prior to 149.0.7827.53 on desktop are affected. The real-world threat is as a second-stage exploitation primitive within a browser attack chain - an attacker leverages this CWE-284 flaw to escape navigation controls after gaining an initial foothold in the renderer, achieving high integrity impact with no confidentiality or availability loss. No public exploit code has been identified and EPSS stands at 0.02% (4th percentile), indicating low observed exploitation probability at time of analysis.

Authentication Bypass Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11016 MEDIUM PATCH This Month

Same origin policy bypass in Google Chrome's Network component (prior to 149.0.7827.53) enables an attacker who has already compromised the renderer process to exfiltrate or manipulate cross-origin data via a crafted HTML page. The integrity impact is rated High (I:H) with no confidentiality or availability impact, meaning the primary risk is unauthorized cross-origin writes or request forgery rather than data theft. No public exploit code has been identified at time of analysis, and EPSS sits at 0.02% (6th percentile), indicating low observed exploitation probability despite the medium CVSS score.

Authentication Bypass Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11015 HIGH PATCH This Week

Out-of-bounds memory read in the WebGPU component of Google Chrome before 149.0.7827.53 allows a remote attacker to read memory outside intended buffer boundaries when a victim visits a crafted HTML page. The flaw carries a CVSS 8.1 score due to network reachability and high confidentiality/availability impact, but EPSS sits at 0.03% and SSVC reports no observed exploitation, so the practical risk is currently low despite the high CVSS. No public exploit identified at time of analysis.

Information Disclosure Google Buffer Overflow Chrome Red Hat +1
NVD VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-11014 MEDIUM PATCH This Month

Site isolation bypass in Google Chrome prior to version 149.0.7827.53 enables an attacker to circumvent Chrome's site isolation security boundary through a crafted malicious extension, resulting in high integrity impact (I:H per CVSS). The attack is gated by user interaction - specifically, the victim must be convinced to install the malicious extension - after which the extension exploits insufficient policy enforcement in Chrome's Extensions subsystem to cross site isolation boundaries without authorization. No public exploit has been identified at time of analysis, and the EPSS score of 0.01% (1st percentile) indicates negligible current exploitation interest.

Authentication Bypass Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11013 MEDIUM PATCH This Month

Memory disclosure in Google Chrome's Network component (versions prior to 149.0.7827.53) allows an attacker who has already compromised the renderer process to read potentially sensitive data from process memory by delivering a crafted HTML page to the victim. This is a chained, two-stage attack: exploitation requires a prior renderer process compromise as an explicit prerequisite, which substantially elevates the real-world difficulty beyond what the CVSS 6.5 score alone implies. No active exploitation has been identified (SSVC Exploitation: none; EPSS: 0.05% at the 15th percentile), and no public exploit code exists at time of analysis.

Information Disclosure Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11012 HIGH PATCH This Week

Sandbox escape in Google Chrome on Android before 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a use-after-free in the Serial component. Exploitation requires user interaction with a crafted HTML page and a prior renderer compromise, making this a second-stage vulnerability typically chained with another bug. No public exploit identified at time of analysis and EPSS is very low (0.03%), but Google has shipped a patched stable channel build.

Denial Of Service Use After Free Memory Corruption Google Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-11011 HIGH PATCH This Week

Site isolation bypass in Google Chrome's Password Manager prior to version 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to escape cross-origin protections via a crafted HTML page. The flaw stems from insufficient policy enforcement (CWE-602) and chains with a prior renderer compromise, making it a post-exploitation primitive rather than a standalone entry point. EPSS is very low (0.02%, 4th percentile) and no public exploit identified at time of analysis, though Google rates the underlying Chromium severity as Medium.

Authentication Bypass Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-11010 HIGH PATCH This Week

Sandbox escape in Google Chrome on Android prior to 149.0.7827.53 allows remote attackers who have already compromised the renderer process to break out of the sandbox via a crafted HTML page that triggers a use-after-free in the WebShare component. The flaw requires a pre-existing renderer compromise plus user interaction, and no public exploit identified at time of analysis, though Chromium-rated Medium severity and the patch availability suggest defenders should treat it as part of the standard Chrome update cycle.

Denial Of Service Use After Free Memory Corruption Google Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-11009 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Windows versions prior to 149.0.7827.53 can be triggered by a remote attacker via a crafted HTML page that exploits a use-after-free condition in the USB component. The flaw carries a CVSS score of 9.6 due to its scope-changing impact, though Google rated the underlying Chromium security severity as Medium, and no public exploit has been identified at time of analysis with an EPSS score of just 0.03%.

Google Memory Corruption Use After Free Microsoft Denial Of Service +1
NVD VulDB
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-11008 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's WebAppInstalls component (versions prior to 149.0.7827.53) enables a remote attacker who has already compromised the renderer process to exfiltrate sensitive cross-origin data via a crafted HTML page. The CVSS 6.5 score captures the high confidentiality impact and network accessibility, but understates effective exploitation complexity because a prior renderer compromise is an explicit prerequisite. EPSS is very low at 0.04% (13th percentile), no public exploit code has been identified, and no CISA KEV listing exists at time of analysis, positioning this as a chained exploitation primitive rather than a standalone critical threat.

Information Disclosure Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11007 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's WebView component on Android exposes sensitive information to attackers who have already achieved renderer process compromise. Affected versions are all Chrome for Android releases prior to 149.0.7827.53. A remote attacker, operating from a compromised renderer context, can exfiltrate cross-origin data by delivering a specially crafted HTML page to the victim, bypassing same-origin policy protections. No public exploit code exists and EPSS stands at 0.04% (13th percentile), indicating low observed exploitation pressure at time of analysis; however, the high confidentiality impact (C:H) makes this a meaningful second-stage primitive in multi-vulnerability attack chains.

Information Disclosure Google Chrome Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11006 MEDIUM PATCH This Month

Out-of-bounds read in Chrome's Dawn WebGPU subsystem (versions prior to 149.0.7827.53) allows unauthenticated remote attackers to read arbitrary memory contents by tricking a user into visiting a crafted HTML page. The vulnerability carries a CVSS 6.5 (Medium) with high confidentiality impact and no integrity or availability impact, indicating targeted data-disclosure potential rather than code execution. EPSS is 0.03% (11th percentile) and the vulnerability is not listed in the CISA KEV catalog - no public exploit has been identified at time of analysis.

Information Disclosure Google Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-11004 MEDIUM PATCH This Month

Out-of-bounds read in ANGLE (Almost Native Graphics Layer Engine) within Google Chrome prior to 149.0.7827.53 enables an attacker who has already compromised the renderer process to leak potentially sensitive data from process memory via a crafted HTML page. The CVSS vector (AC:H, UI:R) reflects a two-stage exploitation requirement: the attacker must first achieve renderer compromise through a separate vulnerability, then chain this ANGLE flaw as a second-stage information disclosure primitive. No public exploit code has been identified and EPSS sits at 0.03% (11th percentile), indicating low real-world exploitation probability at time of analysis.

Information Disclosure Google Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Out-of-bounds read in the WebRTC component of Google Chrome prior to 149.0.7827.53 exposes potentially sensitive process memory contents to remote attackers. Exploitation requires no authentication (CVSS PR:N) but does require user interaction - a victim must visit a specially crafted HTML page (CVSS UI:R). The confidentiality impact is rated High (C:H) with no integrity or availability consequence, meaning a successful attack leaks memory contents rather than enabling code execution. No public exploit identified at time of analysis, and EPSS at 0.03% (10th percentile) reflects low observed exploitation probability.

Information Disclosure Google Buffer Overflow +1
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page processed by the codec subsystem. The flaw requires user interaction (visiting a malicious page) and a prior renderer compromise, but if chained successfully it enables full code execution on the host with a scope change. No public exploit identified at time of analysis and EPSS probability is very low (0.05%), but the 9.6 CVSS reflects the high impact of a successful sandbox escape.

Information Disclosure Google Red Hat +2
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Windows prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a use-after-free in the Codecs component triggered by a crafted HTML page. The flaw requires user interaction (visiting a malicious page) and chains with a prior renderer compromise; no public exploit identified at time of analysis and EPSS exploitation probability is very low (0.03%, 11th percentile).

Google Memory Corruption Use After Free +3
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Printing subsystem (all versions prior to 149.0.7827.53) enables a remote attacker who has already compromised the renderer process to exfiltrate sensitive cross-origin data by serving a crafted HTML page. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) reflects high confidentiality impact with no integrity or availability loss, though the real-world attack requires a pre-compromised renderer - making this a second-stage chaining vulnerability rather than a standalone initial-access vector. No public exploit code or CISA KEV listing has been identified, and EPSS at 0.05% (15th percentile) confirms low current exploitation probability.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Privilege escalation in Google Chrome DevTools versions prior to 149.0.7827.53 allows attackers to abuse insufficient policy enforcement through a malicious browser extension. The flaw requires user interaction to install a crafted extension, after which the attacker can gain elevated privileges within the browser context. No public exploit identified at time of analysis, and EPSS scoring (0.01%) indicates very low near-term exploitation probability despite the high CVSS rating.

Google Privilege Escalation Chrome
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Out-of-bounds memory read in the Dawn WebGPU implementation of Google Chrome prior to 149.0.7827.53 allows a remote attacker to access memory outside intended bounds via a crafted HTML page. Exploitation requires the victim to visit an attacker-controlled page, and no public exploit identified at time of analysis. Google rates the Chromium-internal severity as Medium, while NVD assigns CVSS 8.8 reflecting the broad impact on confidentiality, integrity, and availability if successfully triggered.

Information Disclosure Google Buffer Overflow +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's ANGLE graphics library (versions prior to 149.0.7827.53) allows a remote unauthenticated attacker to read memory across origin boundaries by luring a victim to a crafted HTML page. The root cause is an uninitialized variable (CWE-457) within ANGLE - Chromium's graphics translation layer - which may retain residual data from prior allocations, exposing sensitive cross-origin content. No public exploit code exists and no active exploitation is confirmed (CISA KEV absent); EPSS is 0.03% (11th percentile), indicating low current real-world exploitation pressure.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Uninitialized memory read in Google Chrome's Media component exposes sensitive process memory contents to attackers who have already compromised the renderer process. Specifically, Chrome versions prior to 149.0.7827.53 fail to initialize memory in the Media subsystem, enabling a secondary attacker-controlled read of arbitrary process memory via a crafted HTML page. EPSS stands at 0.03% (11th percentile), no public exploit has been identified, and this vulnerability is not listed in the CISA KEV catalog; the vendor-released patch is available in Chrome 149.0.7827.53.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's ANGLE graphics layer prior to version 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page. The flaw stems from an integer overflow (CWE-472) in ANGLE and requires user interaction (visiting a malicious page) plus a prior renderer compromise to chain into full sandbox escape. No public exploit identified at time of analysis, and EPSS is very low (0.03%), but Google rates the underlying issue as Medium severity within Chromium.

Google Buffer Overflow Red Hat +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's ANGLE graphics component (versions prior to 149.0.7827.53) enables a remote attacker who has already compromised the renderer process to read sensitive data from other origins via a crafted HTML page. The root cause is CWE-457 (Use of Uninitialized Variable) in ANGLE - residual memory contents in the graphics pipeline can be read before proper initialization, exposing data across origin boundaries. EPSS is very low at 0.03% (11th percentile) and no public exploit or CISA KEV listing has been identified, but the cross-origin data access impact makes this relevant in chained exploit scenarios.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Sandbox-confined arbitrary code execution in Google Chrome versions prior to 149.0.7827.53 stems from an inappropriate implementation in the Dawn WebGPU component, enabling a remote attacker who has already compromised the renderer process to run code inside the sandbox via a crafted HTML page. The CVSS 8.8 rating reflects high impact across confidentiality, integrity, and availability when combined with user interaction (visiting a page), though Chromium classified the underlying severity as Medium. No public exploit identified at time of analysis, but a vendor patch is available in the Stable channel update for desktop.

Google RCE Red Hat +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Out-of-bounds memory access in Google Chrome on Android before version 149.0.7827.53 allows remote attackers to corrupt GPU process memory by luring a user to a crafted HTML page that triggers an integer overflow. The flaw carries a CVSS 8.8 (high) rating with high confidentiality, integrity, and availability impact, but EPSS is only 0.03% and no public exploit identified at time of analysis, suggesting low near-term mass-exploitation likelihood despite the severity of the underlying bug class.

Google Buffer Overflow Chrome
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Password Manager component (prior to 149.0.7827.53) exposes sensitive credential or form data to remote attackers through a crafted HTML page. The flaw stems from an inappropriate implementation classified under CWE-346 (Origin Validation Error), meaning the Password Manager fails to properly enforce same-origin boundaries when handling data. No privileges are required and exploitation is conditional only on user interaction with a malicious page; CVSS confidentiality impact is rated High, though no public exploit code exists and EPSS is at 0.03%, indicating low observed exploitation pressure at time of analysis.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage via Chrome's Password Manager component affects Google Chrome versions prior to 149.0.7827.53, exploitable when a user visits an attacker-crafted HTML page. The flaw stems from an inappropriate implementation that fails to enforce proper origin boundaries within the Password Manager, allowing a remote, unauthenticated attacker to read sensitive cross-origin data - potentially including credential-related information surfaced by the Password Manager. No public exploit code has been identified and no active exploitation is confirmed (not in CISA KEV), with EPSS at 0.03% (11th percentile), though the high confidentiality impact (C:H) warrants prompt patching given Chrome's massive deployment surface.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Android prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a race condition in the GPU process triggered by a crafted HTML page. The flaw is a use-after-free (CWE-416) reachable through normal web content rendering, and while no public exploit is identified at time of analysis, the EPSS percentile of 11% suggests low near-term opportunistic exploitation likelihood.

Information Disclosure Use After Free Memory Corruption +2
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Same-Origin Policy bypass in Google Chrome's Canvas implementation affects all versions prior to 149.0.7827.53, allowing a remote unauthenticated attacker to violate cross-origin integrity guarantees through a crafted HTML page. The vulnerability carries a High integrity impact (I:H) with no confidentiality or availability consequence, meaning an attacker can write or manipulate cross-origin data rather than read it. No public exploit code has been identified at time of analysis, and EPSS at 0.02% (4th percentile) suggests minimal observed exploitation pressure currently.

Authentication Bypass Google Chrome
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap corruption in Google Chrome for Android's WebView component prior to version 149.0.7827.53 allows remote attackers to potentially execute code or crash the browser by luring victims to a crafted HTML page. The flaw is a use-after-free (CWE-416) rated CVSS 8.8 due to network reach and high impact across confidentiality, integrity, and availability, though user interaction is required. No public exploit identified at time of analysis and EPSS exploitation probability is very low (0.03%).

Denial Of Service Use After Free Memory Corruption +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Out-of-bounds memory write in Google Chrome's codec component prior to version 149.0.7827.53 allows a remote attacker to corrupt memory by serving a crafted video file to a victim who visits a malicious page or views attacker-supplied media. The flaw stems from insufficient input validation in media codec parsing and carries a CVSS 8.8 rating reflecting high impact across confidentiality, integrity, and availability, though no public exploit identified at time of analysis and EPSS exploitation probability is very low at 0.05%.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's FileSystem API implementation affects all desktop versions prior to 149.0.7827.53, exploitable by a remote attacker who has already achieved renderer process compromise. Delivering a crafted HTML page to a victim who interacts with it triggers the flaw, resulting in high-integrity cross-origin impact with no confidentiality or availability consequence. No public exploit code exists and EPSS sits at 0.02% (6th percentile), but the integrity impact and its role as a renderer-escape pivot make it relevant to multi-stage exploitation chains.

Authentication Bypass Google Chrome
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker to execute arbitrary code within the renderer sandbox by serving a crafted HTML page that triggers a bad cast in the Dawn WebGPU implementation. The flaw carries a CVSS 8.8 rating with user interaction required (visiting a malicious page), and no public exploit has been identified at time of analysis despite Google rating the underlying Chromium severity as Medium. The vendor has released a patched stable channel build addressing this issue alongside other fixes.

Information Disclosure Google Buffer Overflow +4
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.53 stems from a type confusion flaw in the CSS engine that lets a remote attacker run arbitrary code within the renderer sandbox by enticing a victim to load a crafted HTML page. The CVSS 8.8 score reflects network reach with low attack complexity but requires user interaction (UI:R) to visit the malicious page, and no public exploit identified at time of analysis. A vendor patch is available via the Chrome Stable channel update published in June 2026.

Google Memory Corruption RCE +3
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Out-of-bounds read in Chrome's V8 JavaScript engine (versions prior to 149.0.7827.53) exposes sensitive process memory to remote attackers who can lure a victim to a crafted HTML page. The CVSS vector (PR:N/UI:R/C:H) confirms unauthenticated remote triggering with high confidentiality impact, though exploitation requires one click of user interaction. No public exploit identified at time of analysis, and EPSS sits at the 11th percentile (0.03%), suggesting low observed exploitation pressure despite the medium-severity classification.

Information Disclosure Google Buffer Overflow +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome on Linux prior to version 149.0.7827.53 allows a remote attacker to exploit a use-after-free condition in the WebRTC component via a crafted HTML page. The flaw carries a CVSS 3.1 score of 8.8 with user interaction required, and while no public exploit has been identified at time of analysis, Chromium-class memory corruption bugs in WebRTC are historically high-value targets. Google has released a patched stable channel build, and Chromium itself rates the severity as Medium despite the higher NVD CVSS.

Google Memory Corruption RCE +5
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Use-after-free in Google Chrome's WebGL component (prior to 149.0.7827.53) exposes process memory to remote attackers who can lure a user to a crafted HTML page. The vulnerability is limited to confidentiality - CVSS C:H/I:N/A:N - meaning an attacker can read potentially sensitive data from Chrome's process memory but cannot write or crash the process per the scored vector. No public exploit has been identified at time of analysis, and EPSS sits at 0.03% (10th percentile), indicating low observed exploitation pressure. Google has shipped a fix in the stable channel release 149.0.7827.53.

Denial Of Service Use After Free Memory Corruption +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local code execution in Google Chrome for Android prior to 149.0.7827.53 stems from a use-after-free in the WebView component, triggered when a victim opens a malicious file. Per CVSS 7.8 (AV:L/UI:R), exploitation requires local delivery plus user interaction, and there is no public exploit identified at time of analysis (EPSS 0.01%, not in CISA KEV).

Google Memory Corruption RCE +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Information disclosure in Google Chrome on Linux prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to read sensitive data from process memory by serving a crafted HTML page that triggers a use-after-free in the Base component. The flaw is rated Medium by Chromium but scored CVSS 8.8 in NVD, and no public exploit identified at time of analysis with an EPSS of 0.03%.

Denial Of Service Use After Free Memory Corruption +2
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Windows versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer/network process to break out of the browser sandbox via crafted Chromoting (Chrome Remote Desktop) network traffic. The flaw is rated CVSS 9.6 due to the scope change from sandboxed process to host, though Google classifies the Chromium severity as Medium. EPSS is very low (0.05%) and no public exploit identified at time of analysis, but a vendor patch is available.

Information Disclosure Google Microsoft +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Same-origin policy bypass in the Cast component of Google Chrome (prior to 149.0.7827.53) enables a remote unauthenticated attacker to violate cross-origin integrity protections via a crafted HTML page, requiring only that the target user visit the attacker-controlled page. The CVSS vector confirms high integrity impact with no confidentiality or availability consequence, indicating the attack allows unauthorized cross-origin writes or data manipulation rather than information disclosure. No public exploit code has been identified at time of analysis, and the EPSS score of 0.02% (6th percentile) signals low observed exploitation interest despite the medium-severity Chromium classification.

Authentication Bypass Google Chrome
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome desktop versions prior to 149.0.7827.53 stems from a use-after-free flaw in the WebSockets implementation that an attacker can trigger by luring a victim to a crafted HTML page. Although code execution is constrained to Chrome's renderer sandbox, the CVSS 8.8 rating reflects high impact across confidentiality, integrity, and availability, and no public exploit identified at time of analysis. Google has shipped a fix in the stable channel, but the bug typically becomes a building block for full chain exploits when combined with a sandbox escape.

Google Memory Corruption RCE +5
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Uninitialized memory read in Chrome's Dawn (WebGPU) component exposes process memory contents to remote unauthenticated attackers who can entice a user to visit a crafted HTML page. All Chrome desktop versions prior to 149.0.7827.53 are affected, with confidentiality impact rated High (C:H) due to potential exposure of sensitive in-process data such as credentials or session tokens. No public exploit code or active exploitation has been identified at time of analysis; EPSS at 0.03% (11th percentile) reflects low current exploitation pressure.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome prior to 149.0.7827.53 allows remote attackers to break out of the renderer sandbox via a crafted HTML page that exploits insufficient input validation in the ANGLE graphics layer. The flaw requires the victim to visit attacker-controlled content (UI:R) but no authentication, and the scope-changing CVSS 9.6 reflects the impact of escaping browser process isolation. EPSS is very low (0.05%, 15th percentile) and there is no public exploit identified at time of analysis.

Information Disclosure Google Red Hat +2
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome versions prior to 149.0.7827.53 enables a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page targeting a use-after-free in the ANGLE graphics layer. The flaw requires user interaction (visiting a malicious page) and changes scope, yielding high confidentiality, integrity, and availability impact on the host. No public exploit identified at time of analysis and EPSS probability is very low (0.03%, 11th percentile), but a vendor patch is available.

Denial Of Service Use After Free Memory Corruption +4
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome for Android (prior to 149.0.7827.53) is enabled by a race condition in the GPU component, exploitable only after the attacker has already achieved renderer process compromise. Using a crafted HTML page, the attacker can then trigger the GPU race to read cross-origin data, constituting a second-stage information disclosure step in a broader attack chain. No public exploit code or CISA KEV listing exists at time of analysis; EPSS sits at 0.03% (11th percentile), consistent with limited real-world exploitation activity.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Windows before 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page that abuses the WebNN (Web Neural Network) API. The flaw stems from insufficient validation of untrusted input (CWE-20) reaching the WebNN component, and exploitation requires user interaction (visiting an attacker-controlled page) plus a prior renderer-compromise primitive. There is no public exploit identified at time of analysis, and the EPSS probability is very low (0.04%).

Information Disclosure Google Microsoft +1
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Script and HTML injection into privileged Chrome pages is possible in Google Chrome prior to 149.0.7827.53 through insufficient policy enforcement in the Extensions subsystem. An attacker who convinces a user to install a crafted malicious extension can leverage this to inject content into otherwise-restricted privileged pages, compromising page integrity. EPSS is 0.01% (1st percentile), no KEV listing exists, and no public exploit has been identified at time of analysis - indicating low observed exploitation pressure despite the network-accessible attack vector.

Google Code Injection Chrome
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome versions prior to 149.0.7827.53 stems from a type confusion bug in the ANGLE graphics translation layer that a remote attacker can trigger via a crafted HTML page. Despite a CVSS of 9.6 and a vendor-released patch, EPSS is only 0.03% and no public exploit identified at time of analysis, though Chromium-rated Medium browser bugs are routinely targeted once details are public.

Information Disclosure Google Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome on Windows prior to version 149.0.7827.53 allows a remote attacker to escape memory safety boundaries within the renderer sandbox via a crafted HTML page. The flaw stems from a use-after-free condition in the Media component and requires user interaction (visiting a malicious page); no public exploit has been identified at time of analysis. With a CVSS of 8.8 and confirmed Chromium classification, this is a typical browser memory-corruption bug that historically attracts exploit chains.

Google Memory Corruption RCE +6
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome's Blink rendering engine prior to version 149.0.7827.53 allows a remote attacker to execute arbitrary code within the renderer sandbox by enticing a user to visit a crafted HTML page. The flaw is a use-after-free memory corruption issue (CWE-416) carrying a CVSS 8.8 score, with a vendor patch already shipped via the Chrome stable channel and no public exploit identified at time of analysis.

Google Memory Corruption RCE +5
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Privilege escalation in Google Chrome on Windows prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via an integer overflow in the CredentialProvider component. Exploitation requires user interaction with a crafted HTML page and a prior renderer compromise, and no public exploit has been identified at time of analysis. Chromium rates the security severity as Medium despite the CVSS 7.5 score.

Google Microsoft Privilege Escalation +3
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Uninitialized memory use in Skia, Chrome's 2D graphics library, exposes process memory contents to a remote attacker who has already compromised the renderer process. Affected versions are all Chrome releases prior to 149.0.7827.53 on desktop platforms. An attacker leveraging this flaw can read potentially sensitive data from process memory - such as credentials, tokens, or page content - by delivering a crafted HTML page that triggers Skia's uninitialized memory path. No public exploit identified at time of analysis and EPSS stands at 0.03% (11th percentile), indicating low current exploitation pressure; however, the confidentiality impact is rated High by NVD.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Windows prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the Site Isolation sandbox via a crafted HTML page. The flaw stems from insufficient validation of untrusted input in the Site Isolation component (CWE-20) and is rated CVSS 9.6 due to scope change, though Chromium itself classifies the underlying severity as Medium. No public exploit has been identified at time of analysis and EPSS is very low (0.05%, 15th percentile), but the chained-exploit potential makes it a meaningful browser-security risk.

Information Disclosure Google Microsoft +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome on Windows prior to 149.0.7827.53 allows attackers to run arbitrary code inside the renderer sandbox by luring a user to a crafted HTML page that triggers a use-after-free in the ANGLE graphics layer. The flaw carries a CVSS 8.8 score and requires user interaction (visiting a malicious page), and no public exploit identified at time of analysis. The sandbox containment limits direct system impact, but the bug is a strong candidate for chaining with a sandbox escape.

Google Memory Corruption RCE +6
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker to execute arbitrary code inside the renderer sandbox by enticing a victim to visit a crafted HTML page that triggers a use-after-free condition in the WebRTC component. No public exploit identified at time of analysis, though the high CVSS score of 8.8 and the memory corruption class make this a priority browser patch. Chromium rates the security severity as Medium despite the CVSS score, suggesting sandbox containment limits real-world impact.

Google Memory Corruption RCE +5
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Windows versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page that triggers a type confusion in the GPU process. The CVSS score of 9.6 reflects the scope-changing nature of escaping the sandbox boundary, though exploitation requires user interaction (visiting a malicious page) and a pre-existing renderer compromise. No public exploit identified at time of analysis, and EPSS is low at 0.03%.

Microsoft Information Disclosure Google +2
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Out-of-bounds read in ANGLE (Google's graphics abstraction layer) within Chrome on Linux exposes sensitive process memory to remote attackers via a crafted HTML page. All Chrome for Linux versions prior to 149.0.7827.53 are affected; Windows and macOS are not in scope. The CVSS vector confirms unauthenticated remote exploitability at low complexity, though user interaction is required, and no public exploit has been identified at time of analysis - EPSS at 0.03% (11th percentile) signals minimal current exploitation pressure.

Information Disclosure Google Buffer Overflow +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome's V8 JavaScript engine before version 149.0.7827.53 allows a remote attacker to execute arbitrary code within the renderer sandbox when a victim visits a crafted HTML page. The flaw is a use-after-free memory corruption issue rated CVSS 8.8 (High), and while no public exploit has been identified at time of analysis, V8 bugs of this class are historically high-value targets for exploit chains. SSVC indicates no observed exploitation, but technical impact is total within the sandbox boundary.

Google Memory Corruption RCE +5
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome's Password Manager component (versions prior to 149.0.7827.53) allows a remote attacker to execute arbitrary code within the renderer sandbox by luring a victim to a crafted HTML page. The flaw stems from a use-after-free memory corruption condition (CWE-416) and carries a CVSS 3.1 score of 8.8. No public exploit identified at time of analysis, but a vendor patch has been released by Google.

Google Memory Corruption RCE +5
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's Extensions subsystem (versions prior to 149.0.7827.53) allows an attacker who socially engineers a user into installing a crafted malicious extension to violate cross-origin boundaries, enabling unauthorized integrity impact against content from other origins. The CVSS vector (I:H, C:N) confirms the impact is write/modify-only - sensitive data exfiltration is not a direct consequence. No public exploit code or active exploitation has been identified at time of analysis; EPSS is negligible at 0.01% (1st percentile), consistent with the social-engineering prerequisite limiting mass exploitation.

Authentication Bypass Google Chrome
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Windows prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. The flaw resides in the Base component and is rated Medium severity by Chromium despite the CVSS 9.6 score, reflecting the prerequisite of a prior renderer compromise. No public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.05%.

Information Disclosure Google Microsoft +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Sandboxed arbitrary code execution in Google Chrome prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to run arbitrary code within the Chrome sandbox via a crafted HTML page processed by the Media component. The flaw stems from insufficient validation of untrusted input (CWE-20) and is rated Medium severity by Chromium despite an 8.8 CVSS, reflecting that it serves as a second-stage primitive rather than a standalone RCE; no public exploit identified at time of analysis.

Google RCE Red Hat +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Memory disclosure in Google Chrome's GPU component (versions prior to 149.0.7827.53) enables a remote attacker who has already compromised the renderer process to read sensitive data from process memory by delivering a crafted HTML page. The vulnerability stems from insufficient validation of untrusted input passed to the GPU subsystem, classified as CWE-20 (Improper Input Validation), and is rated Medium severity by the Chromium security team despite a CVSS Confidentiality impact of High - reflecting that successful exploitation requires a prior renderer compromise as a prerequisite. No public exploit code has been identified and EPSS probability stands at just 0.05% (15th percentile), indicating low current exploitation likelihood.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Integer overflow in ANGLE (Google's graphics abstraction layer) within Chrome on macOS prior to 149.0.7827.53 enables remote information disclosure from process memory via crafted HTML pages. An unauthenticated remote attacker who induces user interaction can trigger out-of-bounds memory reads through a malicious webpage, potentially exposing credentials, session tokens, or other sensitive in-memory data. No active exploitation is confirmed (not listed in CISA KEV) and EPSS of 0.03% (11th percentile) reflects low real-world exploitation probability at time of analysis.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on macOS prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via an out-of-bounds write in ANGLE triggered by a crafted HTML page. The flaw carries a high CVSS of 9.6 due to scope change and full CIA impact, though no public exploit has been identified and EPSS exploitation probability remains very low at 0.03%.

Google Memory Corruption Buffer Overflow +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap corruption in Google Chrome's Views component prior to version 149.0.7827.53 allows a remote attacker to potentially execute code in the renderer when a user is convinced to perform specific UI gestures on a crafted HTML page. The flaw is a use-after-free (CWE-416) carrying a CVSS 8.8 rating, but EPSS is very low at 0.03% (11th percentile) and no public exploit is identified at time of analysis. Google has shipped a patched stable channel build, and Chromium rates the underlying issue as Medium severity.

Denial Of Service Use After Free Memory Corruption +4
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Sandbox escape in Google Chrome on Windows prior to 149.0.7827.53 enables a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page that exploits insufficient input validation in the Media component. The flaw requires user interaction (visiting a malicious page) and a prior renderer compromise, making it a second-stage capability typically chained with another bug; no public exploit identified at time of analysis and EPSS exploitation probability is low at 0.05%.

Information Disclosure Google Microsoft +1
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Sandbox escape in Google Chrome's ANGLE graphics layer prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. The flaw is a use-after-free (CWE-416) requiring user interaction to visit the malicious page, and no public exploit has been identified at time of analysis despite an EPSS score of 0.03% indicating very low near-term exploitation probability.

Denial Of Service Use After Free Memory Corruption +4
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Skia graphics library (prior to 149.0.7827.53) enables a remote attacker to read sensitive data from other origins by enticing a user to visit a crafted HTML page. The flaw stems from uninitialized memory use (CWE-457) in Skia, Chrome's 2D rendering engine, where residual memory contents can be exposed across security boundaries. No active exploitation has been confirmed (not in CISA KEV) and EPSS sits at 0.03% (11th percentile), indicating low real-world exploitation probability at time of analysis, though the confidentiality impact is rated High by CVSS.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Subresource Integrity (SRI) policy enforcement failure in Google Chrome prior to 149.0.7827.53 enables remote attackers to bypass Content Security Policy protections via malicious network traffic. Affected users who visit attacker-influenced pages may have tampered scripts or resources loaded without the expected cryptographic hash validation that SRI is designed to enforce, undermining integrity guarantees that web applications depend on as a security boundary. No active exploitation is confirmed (not in CISA KEV), EPSS is very low at 0.02% (6th percentile), and a vendor patch is available at 149.0.7827.53.

Authentication Bypass Google Red Hat +2
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Out-of-bounds write in Google Chrome's media Codecs component prior to version 149.0.7827.53 allows a remote attacker to potentially escape the renderer sandbox via a crafted video file. Successful exploitation requires the victim to load attacker-controlled video content, but the resulting scope change (S:C) means the attacker can break out of Chrome's renderer sandbox and impact resources beyond it. No public exploit has been identified at time of analysis and EPSS is very low (0.03%), but the high CVSS reflects the severe impact of a successful sandbox escape.

Google Memory Corruption Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome prior to 149.0.7827.53 enables remote unauthenticated attackers to violate cross-origin isolation boundaries through a crafted HTML page, producing high integrity impact with no confidentiality or availability loss. Rooted in an inappropriate DOM implementation (CWE-346: Origin Validation Error), the flaw allows a malicious page to cross origin boundaries and manipulate content or state belonging to a different origin. No public exploit code and no CISA KEV listing exist at time of analysis; the EPSS score of 0.02% (4th percentile) reinforces limited real-world exploitation pressure despite the medium CVSS 6.5 rating.

Authentication Bypass Google Chrome
NVD VulDB
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Local privilege escalation in Google Chrome for Android prior to 149.0.7827.53 stems from an inappropriate implementation in the Custom Tabs component, where a crafted XML file processed by a local attacker can elevate privileges within the browser context. The flaw is rated CVSS 7.3 (Chromium severity Medium) and requires user interaction, with no public exploit identified at time of analysis and a very low EPSS score (0.02%, 4th percentile). A vendor patch is available in the Stable channel update referenced by the Chrome Releases advisory.

Google Privilege Escalation Chrome
NVD VulDB
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Universal Cross-Site Scripting (UXSS) in Google Chrome for Android's Tab Group Sync feature allows remote unauthenticated attackers to inject arbitrary scripts or HTML via malicious network traffic against Chrome versions prior to 149.0.7827.53. The CVSS Changed Scope (S:C) confirms that injected content escapes the vulnerable component's origin boundary, affecting other origins - the defining characteristic of UXSS, which is more severe than conventional XSS because it bypasses the browser-level same-origin policy rather than just application-level controls. No public exploit has been identified at time of analysis, and EPSS at 0.07% (22nd percentile) reflects low current exploitation probability; the vulnerability is not listed in CISA KEV.

Google Code Injection Chrome
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Uninitialized memory read in Chrome's WebML component on macOS exposes potentially sensitive process memory contents to remote attackers. Affected are all Chrome versions prior to 149.0.7827.53 on Mac; exploitation requires convincing a user to visit a specially crafted HTML page. No public exploit code or active exploitation (CISA KEV) has been identified, and the EPSS score of 0.03% (10th percentile) reflects low real-world exploitation likelihood at time of analysis.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Password Manager component (versions prior to 149.0.7827.53) enables unauthenticated remote attackers to access sensitive data across security origin boundaries when a victim visits a specially crafted HTML page. The flaw involves an inappropriate implementation of origin validation (CWE-346) within the Password Manager subsystem, potentially exposing saved credentials or autofill data to a malicious origin. No active exploitation has been confirmed - SSVC classifies exploitation as none and EPSS places this in the 11th percentile - though the High confidentiality impact in the CVSS vector reflects meaningful data exposure if triggered.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

UI spoofing in Google Chrome's Password Manager component (versions prior to 149.0.7827.53) allows remote unauthenticated attackers to manipulate browser interface elements via crafted malicious network traffic. The flaw stems from insufficient input validation (CWE-20) in the Password Manager subsystem, enabling an attacker to deceive victims about the legitimacy of password prompts or credential states. No public exploit code or active exploitation has been identified; EPSS at 0.05% (15th percentile) reflects low community-assessed exploitation probability, and the mandatory user interaction requirement prevents automated mass exploitation.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote heap corruption in Google Chrome prior to 149.0.7827.53 allows attackers to exploit a use-after-free condition in the Network component via crafted network traffic when a user visits or interacts with attacker-controlled content. Rated CVSS 8.8 with a patch available from Google, though EPSS exploitation probability is currently very low (0.03%, 11th percentile) and no public exploit has been identified at time of analysis.

Denial Of Service Use After Free Memory Corruption +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Sandbox-contained arbitrary code execution in Google Chrome's Media component affects Linux and ChromeOS builds prior to 149.0.7827.53, where a use-after-free flaw can be triggered via a crafted HTML page. Exploitation requires that the attacker has already compromised the renderer process, meaning this bug functions as a second-stage primitive in a multi-vulnerability chain rather than a standalone RCE. No public exploit identified at time of analysis, and Chromium rates the internal severity as Medium despite the NVD CVSS of 8.8.

Google Memory Corruption RCE +5
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in the Glic component of Google Chrome (prior to 149.0.7827.53) can be triggered by a remote attacker who has already compromised the renderer process, using a crafted HTML page to exfiltrate sensitive cross-origin content. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) reflects high confidentiality impact but masks the realistic complexity: renderer compromise is an explicit prerequisite, making this a chained exploit rather than a standalone attack. No active exploitation has been confirmed (CISA KEV absent, SSVC exploitation=none, EPSS 0.05% at 15th percentile), and a vendor-released patch is available.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome's Extensions subsystem (all versions prior to 149.0.7827.53) enables circumvention of browser-enforced navigation controls when a user installs a crafted malicious extension. Rooted in CWE-284 (Improper Access Control), the flaw allows the extension to override navigation guards - potentially enabling unauthorized redirects or bypass of URL-based security policies - with a high integrity impact per CVSS (I:H). No public exploit has been identified at time of analysis, EPSS is 0.01% (1st percentile), and the vulnerability is not listed in CISA's KEV catalog, indicating low current exploitation momentum despite a medium CVSS score of 6.5.

Authentication Bypass Google Chrome
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Content Security Policy bypass in Google Chrome for Android prior to 149.0.7827.53 allows a remote attacker to circumvent CSP restrictions by delivering a crafted HTML page to a victim user. The flaw resides in Chrome's Navigation subsystem, where policy enforcement is insufficient, enabling injection or execution of content that CSP headers would otherwise block. No public exploit has been identified at time of analysis, and EPSS sits at the 4th percentile, but the zero-privilege-required, network-accessible attack surface warrants prompt patching on Android deployments.

Authentication Bypass Google Chrome +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Stack-based buffer overflow in the Skia graphics library shipped with Google Chrome versions prior to 149.0.7827.53 lets a remote attacker corrupt the renderer process stack by serving a crafted HTML page, with potential for arbitrary code execution within the sandbox. The flaw carries a CVSS 3.1 base score of 8.8 (network vector, user interaction required) and no public exploit identified at time of analysis, while a very low EPSS score of 0.03% (10th percentile) suggests no current mass-exploitation pressure despite the high impact rating.

Google Stack Overflow Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's WebAppInstalls component allows a remote attacker who has already compromised the renderer process to circumvent cross-origin protections via a crafted HTML page, yielding high integrity impact with no confidentiality or availability loss. All Chrome versions prior to 149.0.7827.53 are affected. No public exploit code has been identified and EPSS places this at the 6th percentile (0.02%), indicating very low observed exploitation probability; this is not listed in CISA KEV.

Authentication Bypass Google Chrome +2
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome DevTools (versions prior to 149.0.7827.53) enables a remote attacker who has already compromised the renderer process to cross origin boundaries via a crafted HTML page. The flaw stems from insufficient input validation (CWE-20) within the DevTools component, yielding a High integrity impact while leaving confidentiality and availability unaffected. No public exploit code exists at time of analysis, and EPSS sits at 0.02% (6th percentile), indicating low observed exploitation pressure; this vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog.

Authentication Bypass Google Chrome +2
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Windows prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page that exploits insufficient input validation in the GPU component. The CVSS 9.6 score reflects the scope change from renderer to host, but real-world exploitation requires chaining with a separate renderer compromise and user interaction. EPSS is low at 0.05% and no public exploit is identified at time of analysis.

Information Disclosure Google Microsoft +3
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data disclosure in Google Chrome's Extensions component (versions prior to 149.0.7827.53) enables a remote attacker to read sensitive data belonging to other origins by delivering a crafted XML file to a victim. The CVSS vector confirms network-reachable, unauthenticated access (AV:N/PR:N) with High confidentiality impact, though user interaction is required (UI:R). No public exploit has been identified at time of analysis and EPSS probability sits at a low 0.03% (11th percentile), indicating limited exploitation likelihood despite the meaningful confidentiality impact.

Information Disclosure Google Chrome +2
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Domain spoofing in the Google Chrome Payments component on Android (versions prior to 149.0.7827.53) enables integrity manipulation of payment flows when an attacker has already compromised the renderer process. By serving a crafted HTML page, the attacker can make the Chrome Payments UI display a spoofed domain, potentially deceiving users into authorizing payments to attacker-controlled origins. EPSS stands at 0.03% (11th percentile), no public exploit code has been identified, and this CVE does not appear in the CISA KEV catalog.

Authentication Bypass Google Chrome +2
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome prior to version 149.0.7827.53 enables a remote, unauthenticated attacker to circumvent browser navigation policies by delivering a crafted HTML page to a victim. The flaw resides in the 'Actor' component of the Chromium engine, where policy enforcement is insufficient, leading to a high-integrity-impact breach (CVSS I:H) without any compromise of confidentiality or availability. No public exploit code and no active exploitation have been identified at time of analysis; EPSS stands at 0.02% (4th percentile), reinforcing a currently low real-world exploitation probability.

Authentication Bypass Google Chrome +2
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome's Link Preview feature allows a remote attacker who has already compromised the renderer process to circumvent intended browsing boundaries via a crafted HTML page. All Chrome versions prior to 149.0.7827.53 on desktop are affected. The real-world threat is as a second-stage exploitation primitive within a browser attack chain - an attacker leverages this CWE-284 flaw to escape navigation controls after gaining an initial foothold in the renderer, achieving high integrity impact with no confidentiality or availability loss. No public exploit code has been identified and EPSS stands at 0.02% (4th percentile), indicating low observed exploitation probability at time of analysis.

Authentication Bypass Google Chrome +2
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Same origin policy bypass in Google Chrome's Network component (prior to 149.0.7827.53) enables an attacker who has already compromised the renderer process to exfiltrate or manipulate cross-origin data via a crafted HTML page. The integrity impact is rated High (I:H) with no confidentiality or availability impact, meaning the primary risk is unauthorized cross-origin writes or request forgery rather than data theft. No public exploit code has been identified at time of analysis, and EPSS sits at 0.02% (6th percentile), indicating low observed exploitation probability despite the medium CVSS score.

Authentication Bypass Google Chrome +2
NVD VulDB
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Out-of-bounds memory read in the WebGPU component of Google Chrome before 149.0.7827.53 allows a remote attacker to read memory outside intended buffer boundaries when a victim visits a crafted HTML page. The flaw carries a CVSS 8.1 score due to network reachability and high confidentiality/availability impact, but EPSS sits at 0.03% and SSVC reports no observed exploitation, so the practical risk is currently low despite the high CVSS. No public exploit identified at time of analysis.

Information Disclosure Google Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Site isolation bypass in Google Chrome prior to version 149.0.7827.53 enables an attacker to circumvent Chrome's site isolation security boundary through a crafted malicious extension, resulting in high integrity impact (I:H per CVSS). The attack is gated by user interaction - specifically, the victim must be convinced to install the malicious extension - after which the extension exploits insufficient policy enforcement in Chrome's Extensions subsystem to cross site isolation boundaries without authorization. No public exploit has been identified at time of analysis, and the EPSS score of 0.01% (1st percentile) indicates negligible current exploitation interest.

Authentication Bypass Google Chrome +2
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Memory disclosure in Google Chrome's Network component (versions prior to 149.0.7827.53) allows an attacker who has already compromised the renderer process to read potentially sensitive data from process memory by delivering a crafted HTML page to the victim. This is a chained, two-stage attack: exploitation requires a prior renderer process compromise as an explicit prerequisite, which substantially elevates the real-world difficulty beyond what the CVSS 6.5 score alone implies. No active exploitation has been identified (SSVC Exploitation: none; EPSS: 0.05% at the 15th percentile), and no public exploit code exists at time of analysis.

Information Disclosure Google Chrome +2
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Sandbox escape in Google Chrome on Android before 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a use-after-free in the Serial component. Exploitation requires user interaction with a crafted HTML page and a prior renderer compromise, making this a second-stage vulnerability typically chained with another bug. No public exploit identified at time of analysis and EPSS is very low (0.03%), but Google has shipped a patched stable channel build.

Denial Of Service Use After Free Memory Corruption +2
NVD VulDB
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Site isolation bypass in Google Chrome's Password Manager prior to version 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to escape cross-origin protections via a crafted HTML page. The flaw stems from insufficient policy enforcement (CWE-602) and chains with a prior renderer compromise, making it a post-exploitation primitive rather than a standalone entry point. EPSS is very low (0.02%, 4th percentile) and no public exploit identified at time of analysis, though Google rates the underlying Chromium severity as Medium.

Authentication Bypass Google Chrome +2
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Sandbox escape in Google Chrome on Android prior to 149.0.7827.53 allows remote attackers who have already compromised the renderer process to break out of the sandbox via a crafted HTML page that triggers a use-after-free in the WebShare component. The flaw requires a pre-existing renderer compromise plus user interaction, and no public exploit identified at time of analysis, though Chromium-rated Medium severity and the patch availability suggest defenders should treat it as part of the standard Chrome update cycle.

Denial Of Service Use After Free Memory Corruption +2
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Windows versions prior to 149.0.7827.53 can be triggered by a remote attacker via a crafted HTML page that exploits a use-after-free condition in the USB component. The flaw carries a CVSS score of 9.6 due to its scope-changing impact, though Google rated the underlying Chromium security severity as Medium, and no public exploit has been identified at time of analysis with an EPSS score of just 0.03%.

Google Memory Corruption Use After Free +3
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's WebAppInstalls component (versions prior to 149.0.7827.53) enables a remote attacker who has already compromised the renderer process to exfiltrate sensitive cross-origin data via a crafted HTML page. The CVSS 6.5 score captures the high confidentiality impact and network accessibility, but understates effective exploitation complexity because a prior renderer compromise is an explicit prerequisite. EPSS is very low at 0.04% (13th percentile), no public exploit code has been identified, and no CISA KEV listing exists at time of analysis, positioning this as a chained exploitation primitive rather than a standalone critical threat.

Information Disclosure Google Chrome +2
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's WebView component on Android exposes sensitive information to attackers who have already achieved renderer process compromise. Affected versions are all Chrome for Android releases prior to 149.0.7827.53. A remote attacker, operating from a compromised renderer context, can exfiltrate cross-origin data by delivering a specially crafted HTML page to the victim, bypassing same-origin policy protections. No public exploit code exists and EPSS stands at 0.04% (13th percentile), indicating low observed exploitation pressure at time of analysis; however, the high confidentiality impact (C:H) makes this a meaningful second-stage primitive in multi-vulnerability attack chains.

Information Disclosure Google Chrome +2
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Out-of-bounds read in Chrome's Dawn WebGPU subsystem (versions prior to 149.0.7827.53) allows unauthenticated remote attackers to read arbitrary memory contents by tricking a user into visiting a crafted HTML page. The vulnerability carries a CVSS 6.5 (Medium) with high confidentiality impact and no integrity or availability impact, indicating targeted data-disclosure potential rather than code execution. EPSS is 0.03% (11th percentile) and the vulnerability is not listed in the CISA KEV catalog - no public exploit has been identified at time of analysis.

Information Disclosure Google Buffer Overflow +1
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Out-of-bounds read in ANGLE (Almost Native Graphics Layer Engine) within Google Chrome prior to 149.0.7827.53 enables an attacker who has already compromised the renderer process to leak potentially sensitive data from process memory via a crafted HTML page. The CVSS vector (AC:H, UI:R) reflects a two-stage exploitation requirement: the attacker must first achieve renderer compromise through a separate vulnerability, then chain this ANGLE flaw as a second-stage information disclosure primitive. No public exploit code has been identified and EPSS sits at 0.03% (11th percentile), indicating low real-world exploitation probability at time of analysis.

Information Disclosure Google Buffer Overflow +1
NVD VulDB
Prev Page 3 of 44 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy