You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2026 12015
About this tag
This tag covers CVE-2026-12015, a high-severity Chromium Autofill use-after-free vulnerability disclosed by Google on June 11, 2026. The bug was patched in Chrome version 149.0.7827.115 and allows a remote attacker with a compromised renderer process to read sensitive process memory via a crafted HTML page. While not a one-click browser takeover, it is a memory-safety flaw that defenders should not dismiss. The NVD record contains a version boundary discrepancy, with the fixed version listed as 149.0.7827.115 but the description stating the vulnerability affects versions prior to that. This tag aggregates discussions and updates about CVE-2026-12015, including patch guidance and analysis of the vulnerability's impact on Windows users running Chromium-based browsers.
Google disclosed CVE-2026-12015 on June 11, 2026, as a high-severity Chromium Autofill use-after-free bug fixed in Chrome 149.0.7827.115, allowing a remote attacker with a compromised renderer process to read potentially sensitive process memory through a crafted HTML page. The vulnerability is...