Monthly
Insufficient navigation policy enforcement in Google Chrome prior to 150.0.7871.115 enables site isolation bypass when a user visits a crafted HTML page. A remote, unauthenticated attacker (per CVSS PR:N) can exploit this to read limited cross-origin data, undermining Chrome's core renderer process separation architecture. No public exploit code or active exploitation has been identified; SSVC rates exploitation as none and technical impact as partial, consistent with the moderate CVSS 4.3 score.
Sandbox escape in Google Chrome desktop before 150.0.7871.47 lets an attacker who has already compromised the renderer process bypass Mojo IPC policy enforcement and break out of the sandbox using a crafted HTML page. This is a second-stage flaw in the Mojo inter-process communication layer rather than an initial-access bug, and Google itself rated the Chromium security severity as Low despite the NVD CVSS of 9.6. No public exploit identified at time of analysis, and EPSS is low (0.17%, 7th percentile).
Remote code execution in Google Chrome desktop versions prior to 150.0.7871.47 stems from insufficient policy enforcement in the WebHID component, letting a remote attacker who lures a victim to a crafted HTML page break out of intended HID access controls and run arbitrary code. Exploitation requires user interaction (visiting a malicious page) but no authentication, and no public exploit has been identified at time of analysis; EPSS is low at 0.21% (12th percentile). Notably, Google rates the Chromium security severity as 'Low' while the NVD-style CVSS is 8.8, a discrepancy worth weighing when prioritizing.
Insufficient policy enforcement in Chrome's DevTools component allows a crafted malicious extension to read potentially sensitive data from process memory. Affected versions are all Google Chrome releases prior to 150.0.7871.47 on desktop platforms. An attacker must first persuade a victim to install the malicious extension, after which the extension can silently extract in-memory data - including session tokens, credentials, or page content resident in the Chrome process - without triggering further user interaction. No public exploit code has been identified at time of analysis, and this CVE is not listed in the CISA KEV catalog.
No-referrer policy bypass in Google Chrome for iOS prior to 150.0.7871.47 allows a remote attacker to capture referrer URL information that the browser was supposed to suppress. Exploitation requires user interaction - the victim must visit a crafted HTML page served by the attacker - and exploits a client-side enforcement gap (CWE-602) specific to the iOS build of Chrome. EPSS is 0.19% (9th percentile) and no active exploitation or KEV listing exists, consistent with the Low Chromium severity rating.
Navigation restriction bypass in Google Chrome prior to 150.0.7871.47 allows a remote attacker to circumvent network-layer policy enforcement by inducing a user to visit a specially crafted HTML page. Rooted in CWE-602 (client-side enforcement of server-side security), the flaw means Chrome's network policy checks governing navigation can be subverted client-side, yielding a low-integrity impact with no confidentiality or availability consequence. No public exploit has been identified and the EPSS exploitation probability stands at 0.18% (8th percentile), consistent with Chromium's own 'Low' severity rating - this is a low-urgency but genuine policy-enforcement gap.
Content Security Policy bypass in Google Chrome's Extensions subsystem prior to version 150.0.7871.47 allows an attacker who socially engineers a victim into installing a crafted malicious extension to circumvent CSP protections, yielding limited integrity impact. CVSS UI:R and EPSS at 0.12% (2nd percentile) confirm this is a low-probability, user-interaction-dependent attack with no confidentiality or availability consequence. No KEV listing, no known POC, and Google's own 'Low' severity rating collectively position this as a low operational priority despite broad product prevalence.
Privilege escalation in Google Chrome desktop before 150.0.7871.47 stems from insufficient policy enforcement in the Serial (Web Serial API) component, allowing a remote attacker who lures a victim to a crafted HTML page to escalate privileges within the browser. Note the signal conflict: NVD scores this 8.8 (High) with high confidentiality/integrity/availability impact, yet Chromium's own triage rates the security severity as Low. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; EPSS is very low at 0.17% (7th percentile).
Privilege escalation in Google Chrome desktop before 150.0.7871.47 stems from insufficient policy enforcement in the Bluetooth subsystem, letting a remote attacker who lures a victim to a crafted HTML page cross a security boundary the browser is supposed to guard. Google's Chrome release channel and the NVD-assigned CVSS 3.1 base score of 8.8 (High) diverge from Chromium's own internal 'Low' severity rating, signaling the practical impact is likely narrower than the raw score implies. There is no public exploit identified at time of analysis, and the EPSS probability is low at 0.17% (7th percentile), consistent with no active exploitation reported.
Site isolation bypass in Google Chrome's Media component on Windows allows remote attackers to circumvent cross-origin security boundaries by delivering a specially crafted HTML page to a victim. All Chrome for Windows releases prior to 150.0.7871.47 are affected. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis; EPSS at 0.18% (8th percentile) and SSVC exploitation status of 'none' consistently indicate low current real-world risk despite the potential severity of an isolation bypass.
Insufficient navigation policy enforcement in Google Chrome prior to 150.0.7871.115 enables site isolation bypass when a user visits a crafted HTML page. A remote, unauthenticated attacker (per CVSS PR:N) can exploit this to read limited cross-origin data, undermining Chrome's core renderer process separation architecture. No public exploit code or active exploitation has been identified; SSVC rates exploitation as none and technical impact as partial, consistent with the moderate CVSS 4.3 score.
Sandbox escape in Google Chrome desktop before 150.0.7871.47 lets an attacker who has already compromised the renderer process bypass Mojo IPC policy enforcement and break out of the sandbox using a crafted HTML page. This is a second-stage flaw in the Mojo inter-process communication layer rather than an initial-access bug, and Google itself rated the Chromium security severity as Low despite the NVD CVSS of 9.6. No public exploit identified at time of analysis, and EPSS is low (0.17%, 7th percentile).
Remote code execution in Google Chrome desktop versions prior to 150.0.7871.47 stems from insufficient policy enforcement in the WebHID component, letting a remote attacker who lures a victim to a crafted HTML page break out of intended HID access controls and run arbitrary code. Exploitation requires user interaction (visiting a malicious page) but no authentication, and no public exploit has been identified at time of analysis; EPSS is low at 0.21% (12th percentile). Notably, Google rates the Chromium security severity as 'Low' while the NVD-style CVSS is 8.8, a discrepancy worth weighing when prioritizing.
Insufficient policy enforcement in Chrome's DevTools component allows a crafted malicious extension to read potentially sensitive data from process memory. Affected versions are all Google Chrome releases prior to 150.0.7871.47 on desktop platforms. An attacker must first persuade a victim to install the malicious extension, after which the extension can silently extract in-memory data - including session tokens, credentials, or page content resident in the Chrome process - without triggering further user interaction. No public exploit code has been identified at time of analysis, and this CVE is not listed in the CISA KEV catalog.
No-referrer policy bypass in Google Chrome for iOS prior to 150.0.7871.47 allows a remote attacker to capture referrer URL information that the browser was supposed to suppress. Exploitation requires user interaction - the victim must visit a crafted HTML page served by the attacker - and exploits a client-side enforcement gap (CWE-602) specific to the iOS build of Chrome. EPSS is 0.19% (9th percentile) and no active exploitation or KEV listing exists, consistent with the Low Chromium severity rating.
Navigation restriction bypass in Google Chrome prior to 150.0.7871.47 allows a remote attacker to circumvent network-layer policy enforcement by inducing a user to visit a specially crafted HTML page. Rooted in CWE-602 (client-side enforcement of server-side security), the flaw means Chrome's network policy checks governing navigation can be subverted client-side, yielding a low-integrity impact with no confidentiality or availability consequence. No public exploit has been identified and the EPSS exploitation probability stands at 0.18% (8th percentile), consistent with Chromium's own 'Low' severity rating - this is a low-urgency but genuine policy-enforcement gap.
Content Security Policy bypass in Google Chrome's Extensions subsystem prior to version 150.0.7871.47 allows an attacker who socially engineers a victim into installing a crafted malicious extension to circumvent CSP protections, yielding limited integrity impact. CVSS UI:R and EPSS at 0.12% (2nd percentile) confirm this is a low-probability, user-interaction-dependent attack with no confidentiality or availability consequence. No KEV listing, no known POC, and Google's own 'Low' severity rating collectively position this as a low operational priority despite broad product prevalence.
Privilege escalation in Google Chrome desktop before 150.0.7871.47 stems from insufficient policy enforcement in the Serial (Web Serial API) component, allowing a remote attacker who lures a victim to a crafted HTML page to escalate privileges within the browser. Note the signal conflict: NVD scores this 8.8 (High) with high confidentiality/integrity/availability impact, yet Chromium's own triage rates the security severity as Low. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; EPSS is very low at 0.17% (7th percentile).
Privilege escalation in Google Chrome desktop before 150.0.7871.47 stems from insufficient policy enforcement in the Bluetooth subsystem, letting a remote attacker who lures a victim to a crafted HTML page cross a security boundary the browser is supposed to guard. Google's Chrome release channel and the NVD-assigned CVSS 3.1 base score of 8.8 (High) diverge from Chromium's own internal 'Low' severity rating, signaling the practical impact is likely narrower than the raw score implies. There is no public exploit identified at time of analysis, and the EPSS probability is low at 0.17% (7th percentile), consistent with no active exploitation reported.
Site isolation bypass in Google Chrome's Media component on Windows allows remote attackers to circumvent cross-origin security boundaries by delivering a specially crafted HTML page to a victim. All Chrome for Windows releases prior to 150.0.7871.47 are affected. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis; EPSS at 0.18% (8th percentile) and SSVC exploitation status of 'none' consistently indicate low current real-world risk despite the potential severity of an isolation bypass.