Chromium: CVE-2026-0628 Insufficient policy enforcement in WebView tag

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Security update for chromium, noopenh264 (important)

openSUSE Security Update: Security update for chromium, noopenh264 Announcement ID: openSUSE-SU-2026:0006-1 Rating: important References: 1256067 Cross-References: CVE-2026-0628 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now available. Description:...

Security update for chromium, noopenh264 (important)

openSUSE Security Update: Security update for chromium, noopenh264 Announcement ID: openSUSE-SU-2026:0004-1 Rating: important References: 1256067 Cross-References: CVE-2026-0628 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes one vulnerability is now available. Description:...

Exploit for CVE-2026-0628

CVE-2026-0628-POC Prueba de concepto PoC para CVE-2026-0628,...

CVE-2026-0628

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: High...

DEBIAN-CVE-2026-0628

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: High...

Linux Distros Unpatched Vulnerability : CVE-2026-0628

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extensio...

CVE-2026-0628

CVE-2026-0628 involves insufficient policy enforcement in Chrome/Chromium WebView handling, allowing a user to be convinced to install a malicious extension that can inject scripts or HTML into a privileged page. Affected software is Chromium-based and prior to version 143.0.7499.192 (Chrome desk...

CVE-2026-0628

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: High...

Simple bug could lead to RCE flaw on apps built with Electron Framework

A critical remote code execution vulnerability has been discovered in the popular Electron web application framework that could allow attackers to execute malicious code on victims' computers. Electron is an open source app development framework that powers thousands of widely-used desktop...

GHSA-8XWG-WV7V-4VQP Electron Vulnerable to Code Execution by Re-Enabling Node.js Integration

A vulnerability has been discovered which allows Node.js integration to be re-enabled in some Electron applications that disable it. For the application to be impacted by this vulnerability it must meet all of these conditions - Runs on Electron 1.7, 1.8, or a 2.0.0-beta - Allows execution of...