CVE-2026-12024 PUBLISHED

Assigner: Chrome
Reserved: 11.06.2026 Published: 11.06.2026 Updated: 12.06.2026

Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)

Product Status

Vendor Google
Product Chrome
Versions
  • affected from 149.0.7827.115 to 149.0.7827.115 (excl.)

References

Problem Types

  • Insufficient policy enforcement