Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f8991d73 by security tracker role at 2026-06-07T19:13:08+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2026-49494 (Comodo Internet Security's firewall driver Inspect.sys
contains an int ...)
+ TODO: check
+CVE-2026-36229
+ REJECTED
+CVE-2026-26422 (clash-verge-service-ipc before 2.3.0 has a world-reachable IPC
endpoin ...)
+ TODO: check
+CVE-2026-11459 (A security vulnerability has been detected in SecureAge
CatchPulse up ...)
+ TODO: check
+CVE-2026-11458 (A weakness has been identified in erzhongxmu JeeWMS up to
141740afb2ba ...)
+ TODO: check
+CVE-2026-11457 (A security flaw has been discovered in erzhongxmu JeeWMS up to
141740a ...)
+ TODO: check
+CVE-2026-11456 (A vulnerability was identified in Chanjet CRM 1.0. This
affects an unk ...)
+ TODO: check
+CVE-2026-11455 (A vulnerability was determined in FoundationAgents MetaGPT up
to 0.8.2 ...)
+ TODO: check
+CVE-2026-11453 (A vulnerability was found in Tiobon Employee Self-Service
System up to ...)
+ TODO: check
+CVE-2026-11452 (A vulnerability has been found in GL.iNet GL-MT3000 up to
4.4.5. Affec ...)
+ TODO: check
+CVE-2026-11451 (A flaw has been found in GL.iNet GL-MT3000 4.4.5. This impacts
the fun ...)
+ TODO: check
+CVE-2026-11450 (A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This
affects ...)
+ TODO: check
+CVE-2026-11449 (A security vulnerability has been detected in GL.iNet
GL-MT3000 4.4.5. ...)
+ TODO: check
+CVE-2026-11448 (A weakness has been identified in GL.iNet GL-MT3000 up to
4.4.5. The a ...)
+ TODO: check
+CVE-2026-11447 (A security flaw has been discovered in GL.iNet GL-MT3000 up to
4.4.5. ...)
+ TODO: check
CVE-2026-44173
- mariadb 1:11.8.8-1
NOTE:
https://mariadb.com/docs/release-notes/community-server/11.8/11.8.7
@@ -432,1290 +462,1719 @@ CVE-2026-11322 (Hermes WebUI prior to v0.51.221
contains a path traversal vulner
CVE-2026-11312 (A vulnerability was found in bytedance InfiniStore up to
0.2.33. The i ...)
NOT-FOR-US: bytedance InfiniStore
CVE-2026-10881 (Out of bounds read and write in ANGLE in Google Chrome prior
to 149.0. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10882 (Use after free in Network in Google Chrome prior to
149.0.7827.53 allo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10883 (Type Confusion in ANGLE in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10884 (Use after free in Chromecast in Google Chrome prior to
149.0.7827.53 a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10885 (Use after free in Chrome for iOS in Google Chrome on iOS prior
to 149. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10886 (Use after free in FileSystem in Google Chrome prior to
149.0.7827.53 a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10887 (Use after free in Chromoting in Google Chrome on Mac prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10888 (Use after free in Cast Streaming in Google Chrome prior to
149.0.7827. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10889 (Out of bounds read in ANGLE in Google Chrome prior to
149.0.7827.53 al ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10890 (Use after free in Cast in Google Chrome prior to 149.0.7827.53
allowed ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10891 (Use after free in GFX in Google Chrome on Linux prior to
149.0.7827.53 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10892 (Out of bounds write in GPU in Google Chrome on Android prior
to 149.0. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10893 (Use after free in Chromoting in Google Chrome prior to
149.0.7827.53 a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10894 (Use after free in Printing in Google Chrome on Linux prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10895 (Use after free in Ozone in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10896 (Use after free in Chrome for iOS in Google Chrome on iOS prior
to 149. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10897 (Inappropriate implementation in GPU in Google Chrome prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10898 (Stack buffer overflow in GPU in Google Chrome prior to
149.0.7827.53 a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10899 (Use after free in Ozone in Google Chrome on Linux prior to
149.0.7827. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10900 (Use after free in Passwords in Google Chrome on Mac prior to
149.0.782 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10901 (Use after free in Passwords in Google Chrome on Mac prior to
149.0.782 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10902 (Use after free in Ozone in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10903 (Use after free in WebRTC in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10904 (Inappropriate implementation in V8 in Google Chrome prior to
149.0.782 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10905 (Use after free in Network in Google Chrome prior to
149.0.7827.53 allo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10906 (Use after free in WebAuthentication in Google Chrome prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10907 (Out of bounds write in ANGLE in Google Chrome prior to
149.0.7827.53 a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10908 (Use after free in FullScreen in Google Chrome on Windows prior
to 149. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10909 (Use after free in Dawn in Google Chrome prior to 149.0.7827.53
allowed ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10910 (Type Confusion in V8 in Google Chrome prior to 149.0.7827.53
allowed a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10911 (Insufficient validation of untrusted input in Media in Google
Chrome p ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10912 (Insufficient validation of untrusted input in Extensions in
Google Chr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10913 (Use after free in ANGLE in Google Chrome on Windows prior to
149.0.782 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10914 (Use after free in ANGLE in Google Chrome on Windows prior to
149.0.782 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10915 (Use after free in Core in Google Chrome on iOS prior to
149.0.7827.53 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10916 (Insufficient validation of untrusted input in DevTools in
Google Chrom ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10917 (Insufficient validation of untrusted input in Media in Google
Chrome p ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10918 (Use after free in Viz in Google Chrome prior to 149.0.7827.53
allowed ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10919 (Use after free in ANGLE in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10920 (Insufficient validation of untrusted input in WebShare in
Google Chrom ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10921 (Integer overflow in Dawn in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10922 (Insufficient validation of untrusted input in DevTools in
Google Chrom ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10923 (Use after free in WebAppInstalls in Google Chrome on Android
prior to ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10924 (Integer overflow in Chromecast in Google Chrome prior to
149.0.7827.53 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10925 (Out of bounds write in Skia in Google Chrome on Mac prior to
149.0.782 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10926 (Use after free in Cast in Google Chrome prior to 149.0.7827.53
allowed ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10927 (Out of bounds read in Dawn in Google Chrome prior to
149.0.7827.53 all ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10928 (Script injection in Headless in Google Chrome prior to
149.0.7827.53 a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10929 (Heap buffer overflow in ANGLE in Google Chrome on Android
prior to 149 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10930 (Out of bounds read in ANGLE in Google Chrome on Mac prior to
149.0.782 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10931 (Use after free in FileSystem in Google Chrome prior to
149.0.7827.53 a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10932 (Use after free in UI in Google Chrome on Android prior to
149.0.7827.5 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10933 (Use after free in Audio in Google Chrome on Windows prior to
149.0.782 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10934 (Use after free in Autofill in Google Chrome on Android prior
to 149.0. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10935 (Type Confusion in V8 in Google Chrome prior to 149.0.7827.53
allowed a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10936 (Type Confusion in V8 in Google Chrome prior to 149.0.7827.53
allowed a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10937 (Inappropriate implementation in Passwords in Google Chrome
prior to 14 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10938 (Inappropriate implementation in Input in Google Chrome prior
to 149.0. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10939 (Use after free in WebRTC in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10940 (Race in Codecs in Google Chrome on Windows prior to
149.0.7827.53 allo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10941 (Out of bounds memory access in Skia in Google Chrome prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10942 (Inappropriate implementation in UI in Google Chrome on Windows
prior t ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10943 (Use after free in WebRTC in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10944 (Insufficient policy enforcement in Autofill in Google Chrome
on iOS pr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10945 (Use after free in PDF in Google Chrome prior to 149.0.7827.53
allowed ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10946 (Heap buffer overflow in Media in Google Chrome prior to
149.0.7827.53 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10947 (Use after free in WebRTC in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10948 (Use after free in WebRTC in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10949 (Heap buffer overflow in Video in Google Chrome prior to
149.0.7827.53 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10950 (Insufficient policy enforcement in Autofill in Google Chrome
on iOS pr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10951 (Use after free in Autofill in Google Chrome on iOS prior to
149.0.7827 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10952 (Use after free in Chrome for iOS in Google Chrome on iOS prior
to 149. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10953 (Use after free in Core in Google Chrome on Android prior to
149.0.7827 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10954 (Use after free in Actor in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10955 (Type Confusion in ANGLE in Google Chrome on Windows prior to
149.0.782 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10956 (Use after free in MimeHandlerView in Google Chrome prior to
149.0.7827 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10957 (Use after free in Glic in Google Chrome prior to 149.0.7827.53
allowed ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10958 (Use after free in Chrome for iOS in Google Chrome on iOS prior
to 149. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10959 (Use after free in Input in Google Chrome on Android prior to
149.0.782 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10960 (Uninitialized Use in Codecs in Google Chrome prior to
149.0.7827.53 al ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10961 (Use after free in Chrome for iOS in Google Chrome on iOS prior
to 149. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10962 (Type Confusion in Media in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10963 (Integer overflow in V8 in Google Chrome prior to 149.0.7827.53
allowed ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10964 (Integer overflow in V8 in Google Chrome prior to 149.0.7827.53
allowed ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10965 (Integer overflow in DevTools in Google Chrome prior to
149.0.7827.53 a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10966 (Inappropriate implementation in Codecs in Google Chrome prior
to 149.0 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10967 (Use after free in SurfaceCapture in Google Chrome on Android
prior to ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10968 (Insufficient validation of untrusted input in Dawn in Google
Chrome on ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10969 (Insufficient validation of untrusted input in Extensions in
Google Chr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10970 (Insufficient validation of untrusted input in InterestGroups
in Google ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10971 (Insufficient validation of untrusted input in Printing in
Google Chrom ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10972 (Use after free in Ozone in Google Chrome on Linux prior to
149.0.7827. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10973 (Uninitialized Use in Dawn in Google Chrome prior to
149.0.7827.53 allo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10974 (Insufficient validation of untrusted input in ANGLE in Google
Chrome p ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10975 (Use after free in WebRTC in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10976 (Uninitialized Use in Dawn in Google Chrome prior to
149.0.7827.53 allo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10977 (Uninitialized Use in Skia in Google Chrome prior to
149.0.7827.53 allo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10978 (Use after free in Chromoting in Google Chrome on Windows prior
to 149. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10979 (Out of bounds read in ANGLE in Google Chrome prior to
149.0.7827.53 al ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10980 (Insufficient validation of untrusted input in DevTools in
Google Chrom ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10981 (Insufficient validation of untrusted input in Codecs in Google
Chrome ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10982 (Use after free in WebXR in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10983 (Insufficient validation of untrusted input in Dawn in Google
Chrome pr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10984 (Inappropriate implementation in Accessibility in Google Chrome
on Andr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10985 (Out of bounds read in Skia in Google Chrome prior to
149.0.7827.53 all ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10986 (Integer overflow in Media in Google Chrome prior to
149.0.7827.53 allo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10987 (Integer overflow in V8 in Google Chrome prior to 149.0.7827.53
allowed ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10988 (Use after free in Views in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10989 (Inappropriate implementation in V8 in Google Chrome prior to
149.0.782 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10990 (Use after free in Glic in Google Chrome prior to 149.0.7827.53
allowed ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10991 (Use after free in V8 in Google Chrome prior to 149.0.7827.53
allowed a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10992 (Insufficient data validation in Animation in Google Chrome
prior to 14 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10993 (Heap buffer overflow in Skia in Google Chrome prior to
149.0.7827.53 a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10994 (Uninitialized Use in ANGLE in Google Chrome prior to
149.0.7827.53 all ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10995 (Heap buffer overflow in TabStrip in Google Chrome prior to
149.0.7827. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10996 (Inappropriate implementation in Workers in Google Chrome prior
to 149. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10997 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10998 (Out of bounds read in Media in Google Chrome prior to
149.0.7827.53 al ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10999 (Integer overflow in ANGLE in Google Chrome on Windows prior to
149.0.7 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11000 (Use after free in Fonts in Google Chrome on Linux prior to
149.0.7827. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11001 (Inappropriate implementation in Payments in Google Chrome
prior to 149 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11002 (Use after free in Autofill in Google Chrome prior to
149.0.7827.53 all ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11003 (Use after free in WebRTC in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11004 (Out of bounds read in ANGLE in Google Chrome prior to
149.0.7827.53 al ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11005 (Out of bounds read in ANGLE in Google Chrome on Windows prior
to 149.0 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11006 (Out of bounds read in Dawn in Google Chrome prior to
149.0.7827.53 all ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11007 (Insufficient validation of untrusted input in WebView in
Google Chrome ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11008 (Insufficient validation of untrusted input in WebAppInstalls
in Google ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11009 (Use after free in USB in Google Chrome on Windows prior to
149.0.7827. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11010 (Use after free in WebShare in Google Chrome on Android prior
to 149.0. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11011 (Insufficient policy enforcement in Password Manager in Google
Chrome p ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11012 (Use after free in Serial in Google Chrome on Android prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11013 (Insufficient validation of untrusted input in Network in
Google Chrome ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11014 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11015 (Out of bounds read in WebGPU in Google Chrome prior to
149.0.7827.53 a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11016 (Insufficient validation of untrusted input in Network in
Google Chrome ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11017 (Inappropriate implementation in Link Preview in Google Chrome
prior to ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11018 (Insufficient policy enforcement in Actor in Google Chrome
prior to 149 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11019 (Inappropriate implementation in Payments in Google Chrome on
Android p ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11020 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11021 (Insufficient validation of untrusted input in GPU in Google
Chrome on ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11022 (Insufficient validation of untrusted input in DevTools in
Google Chrom ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11023 (Inappropriate implementation in WebAppInstalls in Google
Chrome prior ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11024 (Stack buffer overflow in Skia in Google Chrome prior to
149.0.7827.53 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11025 (Insufficient policy enforcement in Navigation in Google Chrome
on Andr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11026 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11027 (Insufficient validation of untrusted input in Glic in Google
Chrome pr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11028 (Use after free in Media in Google Chrome on Linux and ChromeOS
prior t ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11029 (Insufficient validation of untrusted input in Drag and Drop in
Google ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11030 (Use after free in Network in Google Chrome prior to
149.0.7827.53 allo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11031 (Insufficient validation of untrusted input in Password Manager
in Goog ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11032 (Inappropriate implementation in Password Manager in Google
Chrome prio ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11033 (Uninitialized Use in WebML in Google Chrome on Mac prior to
149.0.7827 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11034 (Insufficient validation of untrusted input in Tab Group Sync
in Google ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11035 (Inappropriate implementation in Custom Tabs in Google Chrome
on Androi ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11036 (Inappropriate implementation in DOM in Google Chrome prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11037 (Out of bounds write in Codecs in Google Chrome prior to
149.0.7827.53 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11038 (Insufficient policy enforcement in Subresource Integrity in
Google Chr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11039 (Uninitialized Use in Skia in Google Chrome prior to
149.0.7827.53 allo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11040 (Use after free in ANGLE in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11041 (Insufficient validation of untrusted input in Media in Google
Chrome o ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11042 (Use after free in Views in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11043 (Out of bounds write in ANGLE in Google Chrome on Mac prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11044 (Integer overflow in ANGLE in Google Chrome on Mac prior to
149.0.7827. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11045 (Insufficient validation of untrusted input in GPU in Google
Chrome pri ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11046 (Insufficient validation of untrusted input in Media in Google
Chrome p ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11047 (Inappropriate implementation in Base in Google Chrome on
Windows prior ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11048 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11049 (Use after free in Password Manager in Google Chrome prior to
149.0.782 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11050 (Use after free in V8 in Google Chrome prior to 149.0.7827.53
allowed a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11051 (Out of bounds read in ANGLE in Google Chrome on Linux prior to
149.0.7 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11052 (Type Confusion in GPU in Google Chrome on Windows prior to
149.0.7827. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11053
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11054 (Use after free in WebRTC in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11055 (Use after free in ANGLE in Google Chrome on Windows prior to
149.0.782 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11056 (Insufficient validation of untrusted input in SiteIsolation in
Google ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11057 (Uninitialized Use in Skia in Google Chrome prior to
149.0.7827.53 allo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11058 (Integer overflow in CredentialProvider in Google Chrome on
Windows pri ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11059 (Use after free in Blink in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11060 (Use after free in Media in Google Chrome on Windows prior to
149.0.782 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11061 (Type Confusion in ANGLE in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11062 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11063 (Insufficient validation of untrusted input in WebNN in Google
Chrome o ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11064 (Race in GPU in Google Chrome on Android prior to 149.0.7827.53
allowed ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11065 (Use after free in ANGLE in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11066 (Insufficient validation of untrusted input in ANGLE in Google
Chrome p ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11067 (Uninitialized Use in Dawn in Google Chrome prior to
149.0.7827.53 allo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11068 (Use after free in WebSockets in Google Chrome prior to
149.0.7827.53 a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11069 (Insufficient validation of untrusted input in Cast in Google
Chrome pr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11070 (Insufficient validation of untrusted input in Chromoting in
Google Chr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11071 (Use after free in Base in Google Chrome on Linux prior to
149.0.7827.5 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11072 (Use after free in WebView in Google Chrome on Android prior to
149.0.7 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11073 (Use after free in WebGL in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11074 (Use after free in WebRTC in Google Chrome on Linux prior to
149.0.7827 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11075 (Out of bounds read in V8 in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11076 (Type Confusion in CSS in Google Chrome prior to 149.0.7827.53
allowed ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11077 (Bad cast in Dawn in Google Chrome prior to 149.0.7827.53
allowed a rem ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11078 (Inappropriate implementation in FileSystem in Google Chrome
prior to 1 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11079 (Insufficient validation of untrusted input in Codecs in Google
Chrome ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11080 (Use after free in WebView in Google Chrome on Android prior to
149.0.7 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11081 (Inappropriate implementation in Canvas in Google Chrome prior
to 149.0 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11082 (Race in GPU in Google Chrome on Android prior to 149.0.7827.53
allowed ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11083 (Inappropriate implementation in Password Manager in Google
Chrome prio ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11084 (Inappropriate implementation in Password Manager in Google
Chrome prio ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11085 (Integer overflow in GPU in Google Chrome on Android prior to
149.0.782 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11086 (Inappropriate implementation in Dawn in Google Chrome prior to
149.0.7 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11087 (Uninitialized Use in ANGLE in Google Chrome prior to
149.0.7827.53 all ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11088 (Integer overflow in ANGLE in Google Chrome prior to
149.0.7827.53 allo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11089 (Uninitialized Use in Media in Google Chrome prior to
149.0.7827.53 all ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11090 (Uninitialized Use in ANGLE in Google Chrome prior to
149.0.7827.53 all ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11091 (Inappropriate implementation in Dawn in Google Chrome prior to
149.0.7 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11092 (Insufficient policy enforcement in DevTools in Google Chrome
prior to ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11093 (Inappropriate implementation in Printing in Google Chrome
prior to 149 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11094 (Use after free in Codecs in Google Chrome on Windows prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11095 (Insufficient validation of untrusted input in Codecs in Google
Chrome ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11096 (Out of bounds read in WebRTC in Google Chrome prior to
149.0.7827.53 a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11097 (Inappropriate implementation in WebView in Google Chrome on
Android pr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11098 (Insufficient validation of untrusted input in GPU in Google
Chrome pri ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11099
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11100 (Use after free in File Input in Google Chrome on Mac prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11101 (Uninitialized Use in Dawn in Google Chrome on Windows prior to
149.0.7 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11102 (Inappropriate implementation in Isolated Web Apps in Google
Chrome pri ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11103 (Inappropriate implementation in Installer in Google Chrome on
Windows ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11104 (Uninitialized Use in ANGLE in Google Chrome prior to
149.0.7827.53 all ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11105 (Insufficient validation of untrusted input in WebUI in Google
Chrome p ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11106 (Inappropriate implementation in Media in Google Chrome prior
to 149.0. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11107 (Inappropriate implementation in Downloads in Google Chrome
prior to 14 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11108 (Inappropriate implementation in NFC in Google Chrome on
Android prior ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11109 (Uninitialized Use in ANGLE in Google Chrome prior to
149.0.7827.53 all ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11110 (Uninitialized Use in ANGLE in Google Chrome prior to
149.0.7827.53 all ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11111 (Out of bounds read in ANGLE in Google Chrome prior to
149.0.7827.53 al ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11112 (Insufficient validation of untrusted input in Chromoting in
Google Chr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11113 (Insufficient validation of untrusted input in ANGLE in Google
Chrome p ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11114 (Use after free in Device Trust in Google Chrome on Mac prior
to 149.0. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11115 (Use after free in Updater in Google Chrome on Windows prior to
149.0.7 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11116 (Use after free in Chromoting in Google Chrome prior to
149.0.7827.53 a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11117 (Use after free in Views in Google Chrome on Windows prior to
149.0.782 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11118 (Use after free in WebRTC in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11119 (Inappropriate implementation in GPU in Google Chrome on
Android prior ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11120 (Insufficient validation of untrusted input in Enterprise
Reporting in ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11121 (Insufficient validation of untrusted input in Skia in Google
Chrome pr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11122 (Inappropriate implementation in Keyboard in Google Chrome
prior to 149 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11123 (Uninitialized Use in ANGLE in Google Chrome prior to
149.0.7827.53 all ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11124 (Integer overflow in Skia in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11125 (Use after free in Compositing in Google Chrome prior to
149.0.7827.53 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11126 (Inappropriate implementation in DevTools in Google Chrome
prior to 149 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11127 (Inappropriate implementation in WebAPKs in Google Chrome on
Android pr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11128 (Inappropriate implementation in Web Share in Google Chrome
prior to 14 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11129 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11130 (Use after free in Media in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11131 (Use after free in Autofill in Google Chrome on Android prior
to 149.0. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11132 (Insufficient policy enforcement in Paint in Google Chrome
prior to 149 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11133 (Insufficient policy enforcement in Paint in Google Chrome
prior to 149 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11134 (Inappropriate implementation in Media in Google Chrome prior
to 149.0. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11135 (Insufficient policy enforcement in Autofill in Google Chrome
prior to ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11136 (Use after free in Canvas in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11137 (Uninitialized Use in ANGLE in Google Chrome prior to
149.0.7827.53 all ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11138 (Uninitialized Use in ANGLE in Google Chrome prior to
149.0.7827.53 all ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11139 (Inappropriate implementation in Paint in Google Chrome prior
to 149.0. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11140 (Out of bounds read in Chromecast in Google Chrome prior to
149.0.7827. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11141 (Uninitialized Use in Audio in Google Chrome prior to
149.0.7827.53 all ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11142 (Insufficient policy enforcement in Paint in Google Chrome
prior to 149 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11143 (Out of bounds read in Extensions in Google Chrome on Linux
prior to 14 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11144 (Use after free in Media in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11145 (Race in Geolocation in Google Chrome on Android prior to
149.0.7827.53 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11146 (Insufficient validation of untrusted input in Chromoting in
Google Chr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11147 (Use after free in WebML in Google Chrome on Windows prior to
149.0.782 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11148 (Inappropriate implementation in Payments in Google Chrome on
Android p ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11149 (Insufficient validation of untrusted input in Extensions in
Google Chr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11150 (Inappropriate implementation in XML in Google Chrome prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11151 (Insufficient validation of untrusted input in Password Manager
in Goog ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11152 (Object lifecycle issue in Dawn in Google Chrome prior to
149.0.7827.53 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11153 (Side-channel information leakage in Forms in Google Chrome
prior to 14 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11154 (Use after free in Dawn in Google Chrome prior to 149.0.7827.53
allowed ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11155 (Inappropriate implementation in CSS in Google Chrome prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11156 (Inappropriate implementation in CSS in Google Chrome prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11157 (Script injection in Accessibility in Google Chrome prior to
149.0.7827 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11158 (Insufficient validation of untrusted input in Downloads in
Google Chro ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11159 (Uninitialized Use in Skia in Google Chrome prior to
149.0.7827.53 allo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11160 (Out of bounds read in Input in Google Chrome on Linux prior to
149.0.7 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11161 (Inappropriate implementation in DataTransfer in Google Chrome
prior to ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11162 (Inappropriate implementation in CSS in Google Chrome prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11163 (Use after free in Messages in Google Chrome on Android prior
to 149.0. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11164 (Use after free in Blink in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11165 (Use after free in WebMIDI in Google Chrome on iOS prior to
149.0.7827. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11166 (Inappropriate implementation in SVG in Google Chrome prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11167 (Inappropriate implementation in WebView in Google Chrome on
Android pr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11168 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11169 (Inappropriate implementation in XML in Google Chrome prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11170 (Inappropriate implementation in Chromoting in Google Chrome on
Linux p ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11171 (Integer overflow in Blink in Google Chrome prior to
149.0.7827.53 allo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11172 (Incorrect security UI in Contact Picker in Google Chrome on
Android pr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11173 (Out of bounds write in V8 in Google Chrome prior to
149.0.7827.53 allo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11174 (Inappropriate implementation in Site Isolation in Google
Chrome prior ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11175 (Incorrect security UI in Messages in Google Chrome on Android
prior to ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11176 (Inappropriate implementation in Media in Google Chrome prior
to 149.0. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11177 (Use after free in Omnibox in Google Chrome prior to
149.0.7827.53 allo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11178 (Insufficient policy enforcement in WebView in Google Chrome on
Android ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11179 (Inappropriate implementation in ORB in Google Chrome prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11180 (Inappropriate implementation in SVG in Google Chrome prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11181 (Inappropriate implementation in Media Session in Google Chrome
prior t ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11182 (Inappropriate implementation in SVG in Google Chrome prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11183 (Out of bounds read in GWP-ASan in Google Chrome prior to
149.0.7827.53 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11184 (Insufficient policy enforcement in Actor in Google Chrome
prior to 149 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11185 (Use after free in V8 in Google Chrome prior to 149.0.7827.53
allowed a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11186 (Inappropriate implementation in CSS in Google Chrome prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11187 (Inappropriate implementation in Glic in Google Chrome prior to
149.0.7 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11188 (Use after free in USB in Google Chrome on Android prior to
149.0.7827. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11189 (Insufficient validation of untrusted input in DevTools in
Google Chrom ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11190 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11191 (Out of bounds memory access in ANGLE in Google Chrome prior to
149.0.7 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11192 (Insufficient validation of untrusted input in Password Manager
in Goog ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11193 (Insufficient policy enforcement in Password Manager in Google
Chrome p ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11194 (Inappropriate implementation in Network in Google Chrome prior
to 149. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11195 (Inappropriate implementation in MHTML in Google Chrome prior
to 149.0. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11196 (Type Confusion in XML in Google Chrome prior to 149.0.7827.53
allowed ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11197 (Insufficient policy enforcement in Workers in Google Chrome
prior to 1 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11198 (Insufficient validation of untrusted input in Codecs in Google
Chrome ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11199 (Inappropriate implementation in WebRTC in Google Chrome prior
to 149.0 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11200 (Inappropriate implementation in WebRTC in Google Chrome prior
to 149.0 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11201 (Use after free in ServiceWorker in Google Chrome prior to
149.0.7827.5 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11202 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11203 (Inappropriate implementation in GPU in Google Chrome on Mac
prior to 1 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11204 (Inappropriate implementation in Signin in Google Chrome on iOS
prior t ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11205 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11206 (Insufficient policy enforcement in ServiceWorker in Google
Chrome prio ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11207 (Insufficient validation of untrusted input in Autofill in
Google Chrom ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11208 (Use after free in Codecs in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11209 (Inappropriate implementation in Passwords in Google Chrome
prior to 14 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11210 (Inappropriate implementation in Safe Browsing in Google Chrome
prior t ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11211 (Integer overflow in V8 in Google Chrome prior to 149.0.7827.53
allowed ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11212 (Insufficient policy enforcement in DevTools in Google Chrome
prior to ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11213 (Insufficient validation of untrusted input in Reading Mode in
Google C ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11214 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11215 (Inappropriate implementation in Cronet in Google Chrome on
Android pri ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11216 (Incorrect security UI in File Input in Google Chrome prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11217 (Inappropriate implementation in Fenced Frames in Google Chrome
prior t ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11218 (Inappropriate implementation in PlatformIntegration in Google
Chrome o ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11219 (Inappropriate implementation in Navigation in Google Chrome
prior to 1 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11220 (Insufficient validation of untrusted input in Navigation in
Google Chr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11221 (Insufficient validation of untrusted input in PointerLock in
Google Ch ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11222 (Incorrect security UI in Tab Strip in Google Chrome prior to
149.0.782 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11223 (Insufficient validation of untrusted input in Network in
Google Chrome ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11224 (Use after free in Chromoting in Google Chrome on Linux prior
to 149.0. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11225 (Inappropriate implementation in WebUI in Google Chrome prior
to 149.0. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11226 (Insufficient policy enforcement in PreviewTab in Google Chrome
on Andr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11227 (Incorrect security UI in Tab Hover Cards in Google Chrome
prior to 149 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11228 (Inappropriate implementation in File Input in Google Chrome
prior to 1 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11229 (Inappropriate implementation in Enterprise in Google Chrome
prior to 1 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11230 (Use after free in Extensions in Google Chrome prior to
149.0.7827.53 a ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11231 (Inappropriate implementation in Safe Browsing in Google Chrome
on Mac ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11232 (Inappropriate implementation in TabGroups in Google Chrome
prior to 14 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11233 (Insufficient policy enforcement in FoldableAPIs in Google
Chrome prior ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11234 (Inappropriate implementation in FoldableAPIs in Google Chrome
prior to ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11235 (Insufficient policy enforcement in Compositing in Google
Chrome prior ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11236 (Insufficient policy enforcement in Web Bluetooth in Google
Chrome prio ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11237 (Insufficient validation of untrusted input in Media in Google
Chrome p ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11238 (Inappropriate implementation in DevTools in Google Chrome
prior to 149 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11239 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11240 (Insufficient validation of untrusted input in Loader in Google
Chrome ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11241 (Insufficient validation of untrusted input in Cast in Google
Chrome pr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11242 (Insufficient validation of untrusted input in Plugins in
Google Chrome ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11243 (Inappropriate implementation in Downloads in Google Chrome
prior to 14 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11244 (Insufficient validation of untrusted input in
WebAuthentication in Goo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11245 (Inappropriate implementation in Payments in Google Chrome
prior to 149 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11246 (Insufficient validation of untrusted input in IndexedDB in
Google Chro ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11247 (Insufficient policy enforcement in CustomTabs in Google Chrome
on Andr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11248 (Inappropriate implementation in Google Lens in Google Chrome
prior to ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11249 (Use after free in Network in Google Chrome prior to
149.0.7827.53 allo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11250 (Inappropriate implementation in DevTools in Google Chrome
prior to 149 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11251 (Insufficient policy enforcement in Password Manager in Google
Chrome p ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11252 (Insufficient policy enforcement in Content Settings in Google
Chrome p ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11253 (Inappropriate implementation in Permissions in Google Chrome
prior to ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11254 (Inappropriate implementation in Permissions in Google Chrome
prior to ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11255 (Insufficient validation of untrusted input in Storage Access
API in Go ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11256 (Integer overflow in GPU in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11257 (Inappropriate implementation in Browser in Google Chrome prior
to 149. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11258 (Inappropriate implementation in File System Access in Google
Chrome pr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11259 (Insufficient validation of untrusted input in Cast in Google
Chrome pr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11260 (Inappropriate implementation in Permissions in Google Chrome
prior to ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11261 (Inappropriate implementation in PDF in Google Chrome prior to
149.0.78 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11262 (Use after free in TabStrip in Google Chrome prior to
149.0.7827.53 all ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11263 (Insufficient policy enforcement in WebAuthentication in Google
Chrome ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11264 (Policy bypass in Content Security Policy in Google Chrome
prior to 149 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11265 (Inappropriate implementation in Autofill in Google Chrome
prior to 149 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11266 (Inappropriate implementation in SafeBrowsing in Google Chrome
prior to ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11267 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11268 (Uninitialized Use in ANGLE in Google Chrome on Windows prior
to 149.0. ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11269 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11270 (Inappropriate implementation in UI in Google Chrome on Android
prior t ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11271 (Inappropriate implementation in Passwords in Google Chrome
prior to 14 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11272 (Insufficient validation of untrusted input in Reading List in
Google C ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11273 (Insufficient validation of untrusted input in Omnibox in
Google Chrome ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11274 (Inappropriate implementation in DOM Distiller in Google Chrome
on iOS ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11275 (Inappropriate implementation in Page Info in Google Chrome on
Android ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11276 (Inappropriate implementation in Cast in Google Chrome prior to
149.0.7 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11277 (Insufficient policy enforcement in Chrome for iOS in Google
Chrome on ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11278 (Inappropriate implementation in CustomTabs in Google Chrome on
Android ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11279 (Out of bounds read in DevTools in Google Chrome prior to
149.0.7827.53 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11280 (Inappropriate implementation in Signin in Google Chrome on iOS
prior t ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11281 (Integer overflow in Chromoting in Google Chrome on Windows
prior to 14 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11282 (Insufficient policy enforcement in Sandbox in Google Chrome on
Linux p ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11283 (Insufficient validation of untrusted input in Shortcuts in
Google Chro ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11284 (Side-channel information leakage in PerformanceAPIs in Google
Chrome p ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11285 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11286 (Insufficient validation of untrusted input in Wallet in Google
Chrome ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11287 (Insufficient policy enforcement in Navigation in Google Chrome
on Andr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11288 (Insufficient policy enforcement in CSS in Google Chrome prior
to 149.0 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11289 (Side-channel information leakage in Paint in Google Chrome
prior to 14 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11290 (Integer overflow in WebView in Google Chrome on Android prior
to 149.0 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11291 (Inappropriate implementation in Android Autofill in Google
Chrome on A ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11292 (Insufficient policy enforcement in Blink in Google Chrome
prior to 149 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11293 (Use after free in Input in Google Chrome prior to
149.0.7827.53 allowe ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11294 (Inappropriate implementation in Passwords in Google Chrome
prior to 14 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11295 (Inappropriate implementation in WebView in Google Chrome on
Android pr ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11296 (Inappropriate implementation in ImageCapture in Google Chrome
prior to ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11297 (Insufficient validation of untrusted input in Reader Mode in
Google Ch ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11298 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11299 (Integer overflow in Fonts in Google Chrome prior to
149.0.7827.53 allo ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11300 (Inappropriate implementation in Permissions in Google Chrome
prior to ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11301 (Inappropriate implementation in LiveCaption in Google Chrome
prior to ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11302 (Insufficient policy enforcement in Chrome for iOS in Google
Chrome on ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11303 (Use after free in PDFium in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11304 (Use after free in PDFium in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11305 (Use after free in PDFium in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11306 (Use after free in PDFium in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11307 (Use after free in PDFium in Google Chrome prior to
149.0.7827.53 allow ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11308 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-11309 (Insufficient policy enforcement in History in Google Chrome
prior to 1 ...)
+ {DSA-6325-1}
- chromium 149.0.7827.53-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9698
@@ -2883,7 +3342,7 @@ CVE-2026-XXXX [HTTP/2 Bomb denial of service]
NOTE: https://blog.calif.io/p/codex-discovered-a-hidden-http2-bomb
NOTE:
https://github.com/nginx/nginx/commit/365694160a85229a7cb006738de9260d49ff5fa2
(release-1.29.8)
CVE-2026-49975
- {DSA-6323-1}
+ {DSA-6323-1 DLA-4620-1}
- apache2 2.4.67-2 (bug #1138750)
NOTE: https://blog.calif.io/p/codex-discovered-a-hidden-http2-bomb
NOTE: https://github.com/icing/mod_h2/pull/324
@@ -10870,6 +11329,7 @@ CVE-2026-9277 (shell-quote's `quote()` function did not
validate object-token in
NOTE:
https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p
NOTE:
https://github.com/ljharb/shell-quote/commit/4378a6e613db5948168684864e49b42b83134d2d
(v1.8.4)
CVE-2026-9256 (NGINX Plus and NGINX Open Source have a vulnerability in the
ngx_http_ ...)
+ {DSA-6326-1}
- nginx 1.30.1-3 (bug #1137339)
NOTE: https://my.f5.com/manage/s/article/K000161377
NOTE: Fixed by:
https://github.com/nginx/nginx/commit/3f135ae2eb60ce376196c898a6c7cb4d774f7068
(release-1.30.2)
@@ -15718,7 +16178,7 @@ CVE-2026-42945 (NGINX Plus and NGINX Open Source have a
vulnerability in the ngx
NOTE: https://nginx.org/en/security_advisories.html
NOTE:
https://github.com/nginx/nginx/commit/524977e7c534e87e5b55739fa74601c9f1102686
(release-1.30.1)
CVE-2026-42946 (A vulnerability exists in the ngx_http_scgi_moduleand
ngx_http_uwsgi_m ...)
- {DLA-4589-1}
+ {DSA-6326-1 DLA-4589-1}
- nginx 1.30.0-4
NOTE: https://my.f5.com/manage/s/article/K000161027
NOTE: https://nginx.org/en/security_advisories.html
@@ -16483,6 +16943,7 @@ CVE-2026-43892 (AntSword is a cross-platform website
management toolkit. Prior t
CVE-2026-43891 (changedetection.io is a free open source web page change
detection too ...)
NOT-FOR-US: changedetection.io
CVE-2026-43515 (Improper Authorization vulnerability when multiple method
constraints ...)
+ {DLA-4619-1}
- tomcat11 11.0.22-1
- tomcat10 10.1.55-1
- tomcat9 9.0.70-2
@@ -16492,6 +16953,7 @@ CVE-2026-43515 (Improper Authorization vulnerability
when multiple method constr
NOTE: Fixed by:
https://github.com/apache/tomcat/commit/db919ff9912b4d61d1b702a1342b8bde39270031
(9.0.118)
NOTE: https://lists.apache.org/thread/746nxfxod0wsocxtmv8pb8nkgmwpc6bb
CVE-2026-43514 (Observable Timing Discrepancy vulnerabilitywhen comparing AJP
secret i ...)
+ {DLA-4619-1}
- tomcat11 11.0.22-1
- tomcat10 10.1.55-1
- tomcat9 9.0.70-2
@@ -16501,6 +16963,7 @@ CVE-2026-43514 (Observable Timing Discrepancy
vulnerabilitywhen comparing AJP se
NOTE: Fixed by:
https://github.com/apache/tomcat/commit/933dcdbf2515972280002929e7e597dead2e9ffa
(9.0.118)
NOTE: https://lists.apache.org/thread/2k654v5cq123npfsd1b2kk1y30owqb1m
CVE-2026-43513 (Improper Handling of Case Sensitivity vulnerability in
LockOutRealm in ...)
+ {DLA-4619-1}
- tomcat11 11.0.22-1
- tomcat10 10.1.55-1
- tomcat9 9.0.70-2
@@ -16510,6 +16973,7 @@ CVE-2026-43513 (Improper Handling of Case Sensitivity
vulnerability in LockOutRe
NOTE: Fixed by:
https://github.com/apache/tomcat/commit/6dd75beb55bd42fc5f78e929596b25018cd17717
(9.0.118)
NOTE: https://lists.apache.org/thread/ytjcgldshj73lcnd1sh95od5hrghwogp
CVE-2026-43512 (DEPRECATED: Authentication Bypass Issues vulnerability in
digest authe ...)
+ {DLA-4619-1}
- tomcat11 11.0.22-1
- tomcat10 10.1.55-1
- tomcat9 9.0.70-2
@@ -16549,6 +17013,7 @@ CVE-2026-42741 (Improper Neutralization of Special
Elements used in an SQL Comma
CVE-2026-42541 (Kubewarden is a policy engine for Kubernetes. Prior to , An
attacker w ...)
NOT-FOR-US: Kubewarden
CVE-2026-42498 (Exposure of HTTP Authentication Header to unexpected hosts
during WebS ...)
+ {DLA-4619-1}
- tomcat11 11.0.22-1
- tomcat10 10.1.55-1
- tomcat9 9.0.70-2
@@ -16602,6 +17067,7 @@ CVE-2026-41551 (A vulnerability has been identified in
ROS# (All versions < V2.2
CVE-2026-41513 (Horilla is an HR and CRM software. In 1.5.0, the notification
endpoint ...)
NOT-FOR-US: Horilla
CVE-2026-41293 (Improper Input Validation vulnerability in Apache Tomcat.
This issue ...)
+ {DLA-4619-1}
- tomcat11 11.0.22-1
- tomcat10 10.1.55-1
- tomcat9 9.0.70-2
@@ -16617,6 +17083,7 @@ CVE-2026-41293 (Improper Input Validation vulnerability
in Apache Tomcat. This
NOTE: Fixed by: (9.0.118)
NOTE: https://lists.apache.org/thread/qwg0q16z7xkb2qrr853wdll5531mvl1r
CVE-2026-41284 (Allocation of Resources Without Limits or Throttling
vulnerability in ...)
+ {DLA-4619-1}
- tomcat11 11.0.22-1
- tomcat10 10.1.55-1
- tomcat9 9.0.70-2
@@ -36175,6 +36642,7 @@ CVE-2026-34734 (HDF5 is software for managing data. In
1.14.1-2 and earlier, a h
CVE-2026-34512 (OpenClaw before 2026.3.25 contains an improper access control
vulnerab ...)
NOT-FOR-US: OpenClaw
CVE-2026-34500 (CLIENT_CERT authentication does not fail as expected for some
scenario ...)
+ {DLA-4619-1}
- tomcat11 11.0.21-1 (bug #1133357)
- tomcat10 10.1.54-1 (bug #1133356)
- tomcat9 9.0.70-2
@@ -36184,6 +36652,7 @@ CVE-2026-34500 (CLIENT_CERT authentication does not
fail as expected for some sc
NOTE: Fixed by:
https://github.com/apache/tomcat/commit/ff589ab26e8250a2ca4286d986305318c033ff9f
(9.0.117)
NOTE: https://www.openwall.com/lists/oss-security/2026/04/09/29
CVE-2026-34487 (Insertion of Sensitive Information into Log File vulnerability
in the ...)
+ {DLA-4619-1}
- tomcat11 11.0.21-1 (bug #1133357)
- tomcat10 10.1.54-1 (bug #1133356)
- tomcat9 9.0.70-2
@@ -36200,6 +36669,7 @@ CVE-2026-34486 (Missing Encryption of Sensitive Data
vulnerability in Apache Tom
NOTE: Fixed by:
https://github.com/apache/tomcat/commit/55f3eb9148233054fccfdf761141c6894a050be1
(10.1.54)
NOTE: Fixed by:
https://github.com/apache/tomcat/commit/776e12b3e2b0b4507b8a3b62c187ceb0b74bf418
(9.0.117)
CVE-2026-34483 (Improper Encoding or Escaping of Output vulnerability in the
JsonAcces ...)
+ {DLA-4619-1}
- tomcat11 11.0.21-1 (bug #1133357)
- tomcat10 10.1.54-1 (bug #1133356)
- tomcat9 9.0.70-2
@@ -36251,6 +36721,7 @@ CVE-2026-33773 (An Incorrect Initialization of Resource
vulnerability in the pac
CVE-2026-33771 (A Weak Password Requirements vulnerability in the password
management ...)
NOT-FOR-US: Juniper
CVE-2026-32990 (Improper Input Validation vulnerability in Apache Tomcat due
to an inc ...)
+ {DLA-4619-1}
- tomcat11 11.0.21-1 (bug #1133357)
- tomcat10 10.1.54-1 (bug #1133356)
- tomcat9 9.0.70-2
@@ -36266,6 +36737,7 @@ CVE-2026-2305 (The AddFunc Head & Footer Code plugin
for WordPress is vulnerable
CVE-2026-29923 (The pstrip64.sys driver in EnTech Taiwan PowerStrip <=3.90.736
allows ...)
NOT-FOR-US: EnTech Taiwan PowerStrip
CVE-2026-29146 (Padding Oracle vulnerability in Apache Tomcat's
EncryptInterceptor wit ...)
+ {DLA-4619-1}
- tomcat11 11.0.21-1 (bug #1133357)
- tomcat10 10.1.54-1 (bug #1133356)
- tomcat9 9.0.70-2
@@ -36280,6 +36752,7 @@ CVE-2026-29146 (Padding Oracle vulnerability in Apache
Tomcat's EncryptIntercept
NOTE:
https://github.com/apache/tomcat/commit/776e12b3e2b0b4507b8a3b62c187ceb0b74bf418
(9.0.117)
NOTE: https://www.openwall.com/lists/oss-security/2026/04/09/24
CVE-2026-29145 (CLIENT_CERT authentication does not fail as expected for some
scenario ...)
+ {DLA-4619-1}
- tomcat11 11.0.21-1 (bug #1133357)
- tomcat10 10.1.54-1 (bug #1133356)
- tomcat9 9.0.70-2
@@ -36289,6 +36762,7 @@ CVE-2026-29145 (CLIENT_CERT authentication does not
fail as expected for some sc
NOTE: Fixed by:
https://github.com/apache/tomcat/commit/d1406df5ae0326f39f54c3f64ac30d8fca55cd5b
(9.0.116)
NOTE: https://www.openwall.com/lists/oss-security/2026/04/09/23
CVE-2026-29129 (Configured cipher preference order not preserved vulnerability
in Apac ...)
+ {DLA-4619-1}
- tomcat11 11.0.21-1 (bug #1133357)
- tomcat10 10.1.54-1 (bug #1133356)
- tomcat9 9.0.70-2
@@ -36300,6 +36774,7 @@ CVE-2026-29129 (Configured cipher preference order not
preserved vulnerability i
CVE-2026-28704 (Emocheck insecurely loads Dynamic Link Libraries (DLLs). If a
crafted ...)
NOT-FOR-US: Emocheck
CVE-2026-25854 (Occasional URL redirection to untrusted Site ('Open Redirect')
vulnera ...)
+ {DLA-4619-1}
- tomcat11 11.0.21-1 (bug #1133357)
- tomcat10 10.1.54-1 (bug #1133356)
- tomcat9 9.0.70-2
@@ -36311,6 +36786,7 @@ CVE-2026-25854 (Occasional URL redirection to untrusted
Site ('Open Redirect') v
CVE-2026-25203 (Samsung MagicINFO 9 Server Incorrect Default Permissions Local
Privile ...)
NOT-FOR-US: Samsung
CVE-2026-24880 (Inconsistent Interpretation of HTTP Requests ('HTTP
Request/Response S ...)
+ {DLA-4619-1}
- tomcat11 11.0.21-1 (bug #1133357)
- tomcat10 10.1.54-1 (bug #1133356)
- tomcat9 9.0.70-2
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8991d738ad03f0663a3670b2aa412ce4670acc4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8991d738ad03f0663a3670b2aa412ce4670acc4
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
