Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
Debian DSA |
DSA-6325-1 | chromium security update |
Mon, 08 Jun 2026 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Google android
|
|
| CPEs | cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* cpe:2.3:o:google:android:-:*:*:*:*:*:*:* |
|
| Vendors & Products |
Google android
|
Sun, 07 Jun 2026 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | chromium-browser: Insufficient validation of untrusted input in Tab Group Sync | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
threat_severity
|
threat_severity
|
Fri, 05 Jun 2026 22:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Insufficient Input Validation in Chrome Tab Group Sync Enables Remote Script Injection (UXSS) |
Fri, 05 Jun 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Fri, 05 Jun 2026 05:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Google
Google chrome |
|
| Vendors & Products |
Google
Google chrome |
Fri, 05 Jun 2026 03:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Insufficient Input Validation in Chrome Tab Group Sync Enables Remote Script Injection (UXSS) |
Thu, 04 Jun 2026 23:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Insufficient validation of untrusted input in Tab Group Sync in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via malicious network traffic. (Chromium security severity: Medium) | |
| Weaknesses | CWE-20 | |
| References |
|
Status: PUBLISHED
Assigner: Chrome
Published:
Updated: 2026-06-05T19:14:53.119Z
Reserved: 2026-06-04T17:06:34.178Z
Link: CVE-2026-11034
Updated: 2026-06-05T19:13:38.439Z
Status : Analyzed
Published: 2026-06-04T23:17:07.517
Modified: 2026-06-08T13:38:42.100
Link: CVE-2026-11034
OpenCVE Enrichment
Updated: 2026-06-07T15:30:04Z
Debian DSA