Remote Code Execution Vulnerability in Google Chrome Browser
CVE-2026-15125

Currently unrated

Key Information:

Vendor

Google

Status
Vendor
CVE Published:
8 July 2026

What is CVE-2026-15125?

An inappropriate implementation in the Forms component of Google Chrome prior to version 150.0.7871.115 permits remote attackers to execute arbitrary code within a sandbox environment through a specially crafted HTML page. This vulnerability could be exploited to bypass security mechanisms designed to isolate untrusted content from the user’s local environment, potentially leading to unauthorized access and manipulation of sensitive files.

Affected Version(s)

Chrome 150.0.7871.115

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.