CVE-2026-11669
5.3 MEDIUMOut of bounds read in Media in Google Chrome on ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the render...
Published: 2026-06-09 · Last updated: 2026-06-09
Severity and scoring
- CVSS
- 5.3 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
- CWE
- CWE-472
Description
Out of bounds read in Media in Google Chrome on ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)
Source: NVD
References
Related CVEs
Same CWE
- CVE-2025-59382 — QTS, QuTS hero, QuTScloud are not affected
- CVE-2026-11678 — Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to... (5.3 MEDIUM)
- CVE-2026-11655 — Integer overflow in Media in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer proc... (8.3 HIGH)
- CVE-2026-11640 — Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to... (8.3 HIGH)
- CVE-2026-11290 — Integer overflow in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to cause a denial of service via ... (5.0 MEDIUM)