exploitDog

GHSA-vv23-jmr5-38v3

Опубликовано: 09 апр. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)

Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)

Ссылки

EPSS

Процентиль: 5%

0.0002

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2026-5919

CVSS3: 6.5

ubuntu

6 дней назад

Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)

CVE-2026-5919

CVSS3: 7.7

redhat

8 дней назад

An insufficient validation of untrusted input flaw was found in the WebSockets component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=483423893

CVE-2026-5919

CVSS3: 6.5

nvd

6 дней назад

Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)

CVE-2026-5919

msrc

4 дня назад

Chromium: CVE-2026-5919 Insufficient validation of untrusted input in WebSockets

CVE-2026-5919

CVSS3: 6.5

debian

6 дней назад

Insufficient validation of untrusted input in WebSockets in Google Chr ...

EPSS

Процентиль: 5%

0.0002

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-20