exploitDog

GHSA-jj38-mp8f-h2ph

Опубликовано: 09 апр. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Insufficient policy enforcement in DevTools in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to bypass enterprise host restrictions for cookie modification via a crafted Chrome Extension. (Chromium security severity: Low)

Insufficient policy enforcement in DevTools in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to bypass enterprise host restrictions for cookie modification via a crafted Chrome Extension. (Chromium security severity: Low)

Ссылки

EPSS

Процентиль: 1%

0.00008

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-602

Связанные уязвимости

CVE-2026-5901

ubuntu

6 дней назад

Insufficient policy enforcement in DevTools in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to bypass enterprise host restrictions for cookie modification via a crafted Chrome Extension. (Chromium security severity: Low)

CVE-2026-5901

CVSS3: 3.9

redhat

8 дней назад

A policy bypass flaw was found in the DevTools component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=479673903

CVE-2026-5901

nvd

6 дней назад

Insufficient policy enforcement in DevTools in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to bypass enterprise host restrictions for cookie modification via a crafted Chrome Extension. (Chromium security severity: Low)

CVE-2026-5901

msrc

4 дня назад

Chromium: CVE-2026-5901 Policy bypass in DevTools

CVE-2026-5901

debian

6 дней назад

Insufficient policy enforcement in DevTools in Google Chrome prior to ...

EPSS

Процентиль: 1%

0.00008

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-602