Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
3.1
Autofill Data Exposed on Google Chrome with Malicious Webpage Interaction
CVE-2026-0102
Summary
If a user interacts with a malicious website in Google Chrome under specific circumstances, their stored autofill data like addresses, email, or phone numbers may be revealed without their consent. This could lead to sensitive information being exposed. To protect your data, ensure you're using the latest version of Google Chrome and avoid interacting with suspicious websites.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| microsoft | edge_chromium | <= 145.0.3800.58 | – |
Original title
Under specific conditions, a malicious webpage may trigger autofill population after two consecutive taps, potentially without clear or intentional user consent. This could result in disclosure of ...
Original description
Under specific conditions, a malicious webpage may trigger autofill population after two consecutive taps, potentially without clear or intentional user consent. This could result in disclosure of stored autofill data such as addresses, email, or phone number metadata.
nvd CVSS3.1
3.1
Vulnerability type
CWE-359
Published: 17 Feb 2026 · Updated: 14 Mar 2026 · First seen: 6 Mar 2026