CVE-2026-13977
CVE-2026-13977 describes an inappropriate implementation in Chrome’s HTMLParser that allows a remote attacker to perform UXSS (script/HTML injection) via a crafted HTML page, affecting Chrome versions prior to 150.0.7871.47. The vulnerability is driven by the HTMLParser handling vulnerabilities i...