Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity:...

DEBIAN-CVE-2026-3940
Summary

Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)

What to do
  • Update debian chromium to version 146.0.7680.71-1~deb12u1.
  • Update debian chromium to version 146.0.7680.71-1~deb13u1.
Affected software
VendorProductAffected versionsFix available
debian chromium All versions
debian chromium <= 146.0.7680.71-1~deb12u1 146.0.7680.71-1~deb12u1
debian chromium <= 146.0.7680.71-1~deb13u1 146.0.7680.71-1~deb13u1
debian chromium All versions
Original title
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity:...
Original description
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
Published: 11 Mar 2026 · Updated: 14 Mar 2026 · First seen: 14 Mar 2026