QSearchQSearch

CVE-2026-11127

6.5 MEDIUM

Inappropriate implementation in WebAPKs in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform domain sp...

Published: 2026-06-04 · Last updated: 2026-06-09

Severity and scoring

CVSS
6.5 MEDIUM
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CWE
CWE-358

Affected products

VendorProduct
googlechrome

Description

Inappropriate implementation in WebAPKs in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted WebAPK. (Chromium security severity: Medium)

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-11701 Inappropriate implementation in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via ... (5.4 MEDIUM)
  • CVE-2026-11700 Use after free in Tracing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to ... (8.3 HIGH)
  • CVE-2026-11699 Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corrupt... (8.8 HIGH)
  • CVE-2026-11698 Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corrupt... (8.8 HIGH)
  • CVE-2026-11697 Insufficient validation of untrusted input in UI in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perfor... (9.6 CRITICAL)

Same CWE

  • CVE-2026-11122 Inappropriate implementation in Keyboard in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or... (6.1 MEDIUM)
  • CVE-2026-44475 Ella Core is a 5G core designed for private networks (6.1 MEDIUM)
  • CVE-2026-44474 Ella Core is a 5G core designed for private networks (3.7 LOW)
  • CVE-2026-44473 Ella Core is a 5G core designed for private networks (7.1 HIGH)
  • CVE-2026-42082 free5GC is an open-source implementation of the 5G core network (3.7 LOW)