CVE-2026-5894

Опубликовано: 08 апр. 2026

Источник: debian

EPSS Низкий

Описание

Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
chromium	fixed	147.0.7727.55-1		package
chromium	end-of-life		bullseye	package

EPSS

Процентиль: 3%

0.00016

Низкий

Связанные уязвимости

CVE-2026-5894

ubuntu

6 дней назад

Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)

CVE-2026-5894

CVSS3: 5.4

redhat

6 дней назад

A flaw was found in the PDF component of Google Chrome and Chromium. A remote attacker could exploit this vulnerability by tricking a user into opening a specially crafted HTML page. This could allow the attacker to bypass navigation restrictions, potentially leading to unintended actions or access within the browser.

CVE-2026-5894

nvd

6 дней назад

Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)

CVE-2026-5894

msrc

4 дня назад

Chromium: CVE-2026-5894 Inappropriate implementation in PDF

GHSA-w92q-q263-3p4v

github

6 дней назад

Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)

EPSS

Процентиль: 3%

0.00016

Низкий