Inappropriate Script Execution Flaw in Google Chrome Browser
CVE-2026-12459

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 17 June 2026

What is CVE-2026-12459?

A serious vulnerability in Google Chrome prior to version 149.0.7827.155 permits remote attackers to execute arbitrary scripts or HTML code through specially crafted HTML pages. This weakness arises from inappropriate implementation in the Serial component, exposing users to untrusted content that could lead to significant security risks.

Affected Version(s)

Chrome 149.0.7827.155

References

https://chromereleases.googleblog.com/2026/06/stable-chan...

https://issues.chromium.org/issues/517406035

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 17, 2026
Vulnerability Reserved
Jun 16, 2026

CVE-2026-12459 Data

JSON