Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
4.3
Google Chrome allows data leak via crafted HTML in compromised renderer process
DEBIAN-CVE-2026-5918
Summary
A security issue in older versions of Google Chrome could allow an attacker who has already compromised the browser's inner workings to steal data from other websites. This is a low-risk issue, but it's still important to update your Chrome browser to the latest version to fix the problem. Make sure to update your browser as soon as possible to protect your data.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| debian | chromium | All versions | – |
| debian | chromium | All versions | – |
| debian | chromium | All versions | – |
| debian | chromium | All versions | – |
Original title
Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML pa...
Original description
Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
osv CVSS3.1
4.3
- https://security-tracker.debian.org/tracker/CVE-2026-5918 Vendor Advisory
Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 10 Apr 2026