CVE-2026-11668NVD

Vulnerability Summary

Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. (Chromium security severity: High)

Severity Level

MEDIUM(4.3)

Published Date

Jun 9, 2026

Last Modified

Jun 10, 2026

Exploitation Status

????

EPSS Score (30-Day)

0.03%Probability

Root Weakness (CWE)

CWE-457: Unknown/Unlisted Weakness ↗

Refer to the official MITRE database for detailed architectural specifications regarding this weakness.

CVSS v3.1 Base Metrics

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredNone

User InteractionRequired

ScopeUnchanged

ConfidentialityLow

IntegrityNone

AvailabilityNone

External References

https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0153744567.html
https://issues.chromium.org/issues/515419790

Critical Alert 1 Active Exploit Detected Today

CVE Watchtower

CVE-2026-11668NVD

Vulnerability Summary

External References