Chromium: CVE-2026-11212 Insufficient policy enforcement in DevTools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-11212

Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Medium...

PT-2026-46620

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in DevTools allows an attacker to perform privilege escalation. This occurs when a user is convinced to install a crafted malicious Chrome Extension...

Chromium: CVE-2026-7937 Insufficient policy enforcement in DevTools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

EUVD-2026-28139

Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: Low...

CVE-2026-7913

Insufficient policy enforcement in DevTools in Google Chrome on Android prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: High...

CVE-2026-5901

CVE-2026-5901 concerns insufficient policy enforcement in Chrome/Chromium DevTools, enabling a user-assisted attacker who installs a malicious extension to bypass enterprise host restrictions for cookie modification. The issue affects Chrome/Chromium builds prior to version 147.0.7727.55, with ad...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability caused by insufficient policy enforcement in DevTools, which can be exploited by an attacker to bypass navigation restrictions via specially crafted HTML pages...

chromium-browser: Insufficient policy enforcement in DevTools

DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension...

UBUNTU-CVE-2017-15393

Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to obtain access to remote debugging functionality via a crafted HTML page, aka a Referer leak...