Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Google Chrome: Compromised Renderer Process Can Steal Clipboard Data
CVE-2026-3938
Summary
Google Chrome users who haven't updated to the latest version are at risk of having their clipboard data stolen by a malicious website. This is possible if an attacker has already taken control of the user's browser process. To stay safe, update to the latest version of Google Chrome.
Original title
Insufficient policy enforcement in Clipboard in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML ...
Original description
Insufficient policy enforcement in Clipboard in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
Published: 11 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026