CVE-2026-8576
MEDIUM4.3CVSS v3
—CVSS v2
0.03%
EPSS (exploit probability)
CWE-942CWE
Description
Inappropriate implementation in CORS in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Affected routers (0)
No routers currently mapped to this CVE in our database.