CVE-2026-13790
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk18th percentile — higher than 18% of all known CVEs
Summary
A side-channel information leakage vulnerability in the Scroll feature of Google Chrome prior to version 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. The issue is rated as High severity in Chromium security.
Risk Assessment
An attacker could exploit this flaw to steal sensitive cross-origin data, posing a risk to user privacy and data integrity within the organization.
Recommendation
Immediately update Google Chrome to version 150.0.7871.47 or later. Ensure that the update policy covers all workstations in the organization.
Original NVD description (English source)
Side-channel information leakage in Scroll in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

