Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Google Chrome: Malicious websites can bypass security restrictions
CVE-2026-3934
Summary
A security flaw in older versions of Google Chrome's ChromeDriver allows a malicious website to break through security restrictions, potentially stealing sensitive information or taking control of your browser. This affects users who access the internet through Google Chrome, primarily those using automated tools or scripts to interact with web pages. Update to the latest version of Chrome to protect your browser.
Original title
Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: ...
Original description
Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
Published: 11 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026