cve-2026-13881

  1. CVE-2026-13881: Chrome WebAppInstalls Same-Origin Bypass (Patch to 150.0.7871.47)

    Google Chrome users running builds earlier than 150.0.7871.47 should treat CVE-2026-13881 as patched but not yet fully explained: the flaw was published June 30, 2026, affects Chrome’s WebAppInstalls component, and can let a crafted HTML page bypass the browser’s same-origin policy. That is the...