CVE-2026-5894

Опубликовано: 08 апр. 2026

Источник: redhat

CVSS3: 5.4

Описание

A flaw was found in the PDF component of Google Chrome and Chromium. A remote attacker could exploit this vulnerability by tricking a user into opening a specially crafted HTML page. This could allow the attacker to bypass navigation restrictions, potentially leading to unintended actions or access within the browser.

Отчет

Red Hat Product Security rates the severity of this flaw as determined by the Google Chrome Security Advisory.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-346

https://bugzilla.redhat.com/show_bug.cgi?id=2456807Google Chrome: Chromium: Google Chrome/Chromium: Navigation restriction bypass via crafted HTML page

5.4 Medium

CVSS3

Связанные уязвимости

CVE-2026-5894

ubuntu

6 дней назад

Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)

CVE-2026-5894

nvd

6 дней назад

Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)

CVE-2026-5894

msrc

4 дня назад

Chromium: CVE-2026-5894 Inappropriate implementation in PDF

CVE-2026-5894

debian

6 дней назад

Inappropriate implementation in PDF in Google Chrome prior to 147.0.77 ...

GHSA-w92q-q263-3p4v

github

6 дней назад

Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)

5.4 Medium

CVSS3