exploitDog

GHSA-j54v-ww9j-cr6r

Опубликовано: 09 апр. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Policy bypass in Audio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass sandbox download restrictions via a crafted HTML page. (Chromium security severity: Low)

Policy bypass in Audio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass sandbox download restrictions via a crafted HTML page. (Chromium security severity: Low)

Ссылки

EPSS

Процентиль: 3%

0.00016

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-693

Связанные уязвимости

CVE-2026-5896

ubuntu

6 дней назад

Policy bypass in Audio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass sandbox download restrictions via a crafted HTML page. (Chromium security severity: Low)

CVE-2026-5896

CVSS3: 6.1

redhat

8 дней назад

A policy bypass flaw was found in the Audio component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=40064543

CVE-2026-5896

nvd

6 дней назад

Policy bypass in Audio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass sandbox download restrictions via a crafted HTML page. (Chromium security severity: Low)

CVE-2026-5896

msrc

4 дня назад

Chromium: CVE-2026-5896 Policy bypass in Audio

CVE-2026-5896

debian

6 дней назад

Policy bypass in Audio in Google Chrome prior to 147.0.7727.55 allowed ...

EPSS

Процентиль: 3%

0.00016

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-693