GHSA-5cvc-pm9v-pw7pMediumCVSS 6.5

Insufficient policy enforcement in HTML-in-Canvas in Google Chrome prior to 150.0.7871.125...

Published
July 14, 2026
Last Modified
July 15, 2026

🔗 CVE IDs covered (1)

📋 Description

Insufficient policy enforcement in HTML-in-Canvas in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)

🔗 References (4)