cve-2026-11097

CVE-2026-11097 is a medium-severity vulnerability in Chrome for Android WebView, published June 4, 2026, affecting Google Chrome on Android before version 149.0.7827.53. It allows a remote attacker to leak cross-origin data via a crafted HTML page. Discussions on WindowsForum highlight that the affected-product mapping may be incomplete, as it often omits Android-specific CPEs, creating asset-management challenges. While not a direct Windows vulnerability, this CVE illustrates how modern browser flaws can complicate inventory and patching across platforms, including Windows environments that use Chrome or WebView components. The tag covers fix details, CPE gaps, and inventory tips relevant to IT administrators managing mixed-platform deployments.