Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
4.3
Old Google Chrome Allows Attackers to Steal Data Across Websites
CVE-2026-5918
Summary
A security flaw in old versions of Google Chrome allows a hacker who has taken control of a user's browsing session to steal sensitive information from other websites. This is a concern because it could allow a malicious website to access private data from other sites. To protect yourself, update to the latest version of Google Chrome.
Original title
Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML pa...
Original description
Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
Vulnerability type
CWE-346
CWE-352
Cross-Site Request Forgery (CSRF)
Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026