CVE-2026-15768
Google Chrome prior to 150.0.7871.125 is affected by an HTML-in-Canvas policy enforcement flaw that allows a remote attacker to bypass the same-origin policy via a crafted HTML page. The vulnerability stems from insufficient policy enforcement in the HTML-in-Canvas component. Impact is described ...