CVE-2026-9989

Опубликовано: 28 мая 2026

Источник: debian

EPSS Низкий

Описание

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. (Chromium security severity: High)

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
chromium	fixed	148.0.7778.215-1		package
chromium	end-of-life		bullseye	package

EPSS

Процентиль: 1%

0.00107

Низкий

Связанные уязвимости

CVE-2026-9989

CVSS3: 9.3

redhat

около 1 месяца назад

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. (Chromium security severity: High)

CVE-2026-9989

CVSS3: 6.3

nvd

30 дней назад

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. (Chromium security severity: High)

CVE-2026-9989

msrc

29 дней назад

Chromium: CVE-2026-9989 Inappropriate implementation in Media

GHSA-8g45-3jxc-cv2v

CVSS3: 6.3

github

30 дней назад

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. (Chromium security severity: High)

openSUSE-SU-2026:20849-1

suse-cvrf

28 дней назад

Security update for chromium

EPSS

Процентиль: 1%

0.00107

Низкий