You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2026-6312
About this tag
CVE-2026-6312 is a high-severity vulnerability in Google Chrome that affects the Passwords feature. The flaw, caused by insufficient policy enforcement, allows a remote attacker who has already compromised the renderer process to leak cross-origin data via a crafted HTML page. Google addressed this issue in Chrome version 147.0.7727.101, released on April 15, 2026. Discussions on WindowsForum highlight the importance of updating Chrome to mitigate this cross-origin data leak risk, particularly for users who rely on Chrome's password management.
Insufficient policy enforcement bugs in Chromium continue to be a reminder that browser security is often won or lost at the seams between isolation boundaries, not just in the core rendering engine. CVE-2026-6312 fits that pattern: Google says a remote attacker who had already compromised the...