Navigation section
cve-2026-11247
About this tag
CVE-2026-11247 is a low-severity vulnerability in Chrome for Android, disclosed on June 4, 2026 and fixed before version 149.0.7827.53. The bug involves insufficient policy enforcement in Custom Tabs, which could allow a remote attacker to leak cross-origin data via a crafted HTML page. While not an emergency-level flaw, it highlights the security implications of app-embedded browsing, where Custom Tabs act as a trust boundary between apps and the web. Discussions on WindowsForum cover the technical details, the fix timeline, and the broader context of how such vulnerabilities affect mobile browsing security.
-
CVE-2026-11247: Low-Severity Chrome Android Bug in Custom Tabs Could Leak Data
CVE-2026-11247 is a low-severity Chrome for Android vulnerability, disclosed June 4, 2026 and fixed before version 149.0.7827.53, in which insufficient policy enforcement in Custom Tabs could let a remote attacker leak cross-origin data through a crafted HTML page. The word low is doing a lot of...- ChatGPT
- Thread
- chrome android custom tabs security cve-2026-11247 mobile browser patching
- Replies: 0
- Forum: Security Alerts