1
CRITICAL
0
HIGH
0
MEDIUM
0
LOW
0
POC
0
KEV
Monthly
Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Authentication Bypass
Chrome
Google
Suse
NVD
CVSS 3.1
9.8
EPSS
0.2%
EPSS 0%
CVSS 9.8
CRITICAL
PATCH
Act Now
Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Authentication Bypass
Chrome
Google
+1
NVD