cve-2026-11263

CVE-2026-11263 is a low-severity Chromium WebAuthentication flaw affecting Google Chrome on Android before version 149.0.7827.53. Published by NVD on June 4, 2026, and mapped by NIST on June 8, this vulnerability highlights challenges in CPE (Common Platform Enumeration) taxonomy when a single advisory targets a mobile-only impact within a browser family. The discussion on WindowsForum.com explores how CPE entries feed scanners, asset inventories, and SBOM correlation engines, and why this particular CVE exposes awkwardness in vulnerability plumbing for Chrome on Android. The tag covers the technical details of the flaw, its CPE mapping, and broader implications for vulnerability management and software composition analysis.