Severity by source
AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
Lifecycle Timeline
5DescriptionCVE.org
Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. (Chromium security severity: Medium)
AnalysisAI
Insufficient policy enforcement in PWA installation within Google Chrome prior to version 147.0.7727.55 allows a local attacker with renderer process compromise to install a Progressive Web App without user consent via a crafted HTML page. This vulnerability requires prior compromise of the renderer process and user interaction, resulting in high integrity and availability impact. The issue carries a low real-world exploitation probability (EPSS 0.03%), reflecting the significant prerequisites needed to trigger the vulnerability.
Technical ContextAI
Progressive Web Apps (PWAs) in Chromium-based browsers rely on policy enforcement mechanisms to validate user consent before installation. This vulnerability stems from insufficient validation of PWA installation policies when the renderer process is compromised. The underlying issue is classified as CWE-1268 (Improper Enforcement of Message Ordering in Communication Channel), indicating a breakdown in the trust boundary between the renderer and browser processes. The vulnerability affects Google Chrome on all platforms covered by the CPE string cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*, meaning all architectures and configurations of Chrome versions prior to the patch.
RemediationAI
Update Google Chrome to version 147.0.7727.55 or later immediately. The vendor-released patch is available and should be deployed via the automatic update mechanism in Chrome, which prompts users to restart the browser to apply the fix. Users on managed environments should verify that Chrome updates are deployed across their estate. No known workarounds are available for users unable to patch immediately; instead, restrict access to untrusted websites and disable PWA installation from the Chrome settings (Settings > Apps > Install apps and extensions) as a temporary mitigation. Refer to the official Chrome Releases advisory at https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html for confirmation of patch availability.
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player
V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac
Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, a
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, do
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderb
Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbi
An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Conta
The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbi
The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and Se
Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13
Same technique Information Disclosure
View allVendor StatusVendor
SUSE
Severity: Medium| Product | Status |
|---|---|
| SUSE Package Hub 15 SP6 | Fixed |
| openSUSE Leap 15.6 | Fixed |
| openSUSE Tumbleweed | Fixed |
| SUSE Package Hub 15 SP6 | Fixed |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-20711
GHSA-x56m-fjh7-273x