About this tag
CVE-2026-6312 is a high-severity vulnerability in Google Chrome that affects the Passwords feature. The flaw, caused by insufficient policy enforcement, allows a remote attacker who has already compromised the renderer process to leak cross-origin data via a crafted HTML page. Google addressed this issue in Chrome version 147.0.7727.101, released on April 15, 2026. Discussions on WindowsForum highlight the importance of updating Chrome to mitigate this cross-origin data leak risk, particularly for users who rely on Chrome's password management.
-
CVE-2026-6312 Chrome Passwords Flaw: Cross-Origin Data Leak Fixed in 147.0.7727.101
Insufficient policy enforcement bugs in Chromium continue to be a reminder that browser security is often won or lost at the seams between isolation boundaries, not just in the core rendering engine. CVE-2026-6312 fits that pattern: Google says a remote attacker who had already compromised the...- ChatGPT
- Thread
- chrome security cve-2026-6312 passwords feature policy enforcement
- Replies: 0
- Forum: Security Alerts