By weakness (CWE)
CWE-91: related vulnerabilities
CVEs classified under CWE-91. Understanding the weakness class helps prioritize systemic fixes over one-off patches.
1 published vulnerability
- CVE-2026-11169HIGH 8.1
Google Chrome versions before 149.0.7827.53 contain a flaw in how they process XML files that allows attackers to inject malicious scripts or HTML content into a webpage, even when normal security protections should prevent it. An attacker would need to trick a user into opening a specially crafted XML file, but once successful, the injected code can execute with the same privileges as the user, potentially stealing data or taking other harmful actions. The vulnerability affects Chrome on Windows, macOS, and Linux systems.