Insufficient Policy Enforcement in Google Chrome by Google
CVE-2026-15124

Currently unrated

Key Information:

Vendor

Google

Status
Vendor
CVE Published:
8 July 2026

What is CVE-2026-15124?

A significant vulnerability in Google Chrome prior to version 150.0.7871.115 has been identified, allowing remote attackers to exploit insufficient policy enforcement related to password management. By crafting a malicious HTML page, an attacker can successfully bypass the same origin policy, potentially compromising user data and security. This vulnerability underscores the importance of routine updates and vigilance in managing software security protocols.

Affected Version(s)

Chrome 150.0.7871.115

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.