CVE Catalog

CVE-2026-13790

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.27%

18th percentile — higher than 18% of all known CVEs

Summary

A side-channel information leakage vulnerability in the Scroll feature of Google Chrome prior to version 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. The issue is rated as High severity in Chromium security.

Risk Assessment

An attacker could exploit this flaw to steal sensitive cross-origin data, posing a risk to user privacy and data integrity within the organization.

Recommendation

Immediately update Google Chrome to version 150.0.7871.47 or later. Ensure that the update policy covers all workstations in the organization.

Original NVD description (English source)

Side-channel information leakage in Scroll in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS