Remote Data Exposure Vulnerability in Google Chrome
CVE-2026-12446

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 17 June 2026

What is CVE-2026-12446?

A vulnerability in Google Chrome prior to version 149.0.7827.155 allows remote attackers to expose sensitive cross-origin data. This is made possible through a specially crafted HTML page that can be used to manipulate data flows and harvest information without user consent. Users and administrators are urged to update to the latest version to mitigate potential risks.

Affected Version(s)

Chrome 149.0.7827.155

References

https://chromereleases.googleblog.com/2026/06/stable-chan...

https://issues.chromium.org/issues/513313107

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 17, 2026
Vulnerability Reserved
Jun 16, 2026

CVE-2026-12446 Data

JSON