Security Flaw in Google Chrome Extensions from Google
CVE-2026-12456

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 17 June 2026

What is CVE-2026-12456?

A security issue exists within Google Chrome Extensions prior to version 149.0.7827.155, where an attacker could exploit this flaw by persuading users to install a malicious extension. This vulnerability permits the circumvention of the same origin policy, posing significant risks to user data and privacy. Users are advised to update their Chrome browser to the latest version to mitigate associated risks.

Affected Version(s)

Chrome 149.0.7827.155

References

https://chromereleases.googleblog.com/2026/06/stable-chan...

https://issues.chromium.org/issues/517124587

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 17, 2026
Vulnerability Reserved
Jun 16, 2026

CVE-2026-12456 Data

JSON