Insufficient Input Validation in Chrome on Android Affects Multiple Users
CVE-2026-15115

Currently unrated

Key Information:

Vendor

Google

Status
Vendor
CVE Published:
8 July 2026

What is CVE-2026-15115?

A vulnerability exists in Google Chrome for Android that allows a local attacker to bypass the same origin policy through insufficient validation of untrusted input in the WebAppInstalls feature. This flaw enables attackers to potentially execute unauthorized actions via a specially crafted HTML page, compromising the security and integrity of user data.

Affected Version(s)

Chrome 150.0.7871.115

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.