CVE Catalog
CVE-2026-11035
HighCVSS 7.3Summary
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to version 149.0.7827.53 allowed a local attacker to perform privilege escalation via a crafted XML file.
Risk Assessment
A local attacker could exploit this vulnerability to gain elevated privileges, potentially leading to unauthorized access to user data.
Recommendation
It is recommended to update Google Chrome to version 149.0.7827.53 or later to mitigate the risk associated with this vulnerability.
Original NVD description (English source)
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a crafted XML file. (Chromium security severity: Medium)

