CVE-2026-13921
CVE-2026-13921 affects Google Chrome before 150.0.7871.47. The issue is insufficient validation of untrusted input in DeviceBoundSessionCredentials, enabling a remote attacker to bypass the same-origin policy via a crafted HTML page. This is documented across NVD entries (CVE-2026-13921) with a M...