Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Lifecycle Timeline
4DescriptionCVE.org
Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low)
AnalysisAI
Insufficient policy enforcement in Google Chrome for iOS (prior to 149.0.7827.53) enables remote attackers to bypass discretionary access controls by directing a victim to a crafted HTML page. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) confirms the attack is network-reachable, requires no authentication, and produces a limited integrity impact with no confidentiality or availability consequences. No public exploit has been identified at time of analysis, and the EPSS score of 0.02% (4th percentile) reflects very low exploitation probability; Chromium internally rated this Low severity.
Technical ContextAI
The affected component is Chrome's iOS-specific policy enforcement layer, which governs discretionary access control (DAC) decisions within the browser sandbox. CWE-284 (Improper Access Control) identifies the root cause as a failure to consistently apply security policies - a class of bug that commonly arises when a platform-specific code path (here, the iOS port of Chromium) diverges from the reference implementation's access control logic. Affected versions are all Chrome for iOS releases prior to 149.0.7827.53, as confirmed by the EUVD affected-version range 'Chrome 149.0.7827.53 <149.0.7827.53'. No CPE string was provided in the input data; the product scope is limited to the iOS platform variant of Chrome and does not affect Chrome on other operating systems based on available information.
RemediationAI
Update Google Chrome for iOS to version 149.0.7827.53 or later, which contains the vendor-released patch for this issue. The fix is documented in the Chrome Stable Channel Update advisory at http://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop.html. Users on iOS should apply the update via the App Store. Because the CVSS scope is Unchanged (S:U) and impact is limited to integrity (I:L), no emergency out-of-band response is required for most organizations; inclusion in the next routine patch cycle is appropriate. No explicit workarounds are documented in available references. If immediate update is not operationally feasible, restricting access to untrusted web content via MDM-managed URL filtering on supervised iOS devices would reduce exposure, with the trade-off of impacting general browsing functionality.
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allVendor StatusVendor
SUSE
Severity: Medium| Product | Status |
|---|---|
| openSUSE Tumbleweed | Fixed |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-34738
GHSA-2qm3-qr87-f567