CVE-2026-13795
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk16th percentile — higher than 16% of all known CVEs
Summary
Insufficient policy enforcement in Chrome for iOS prior to 150.0.7871.47 allows a remote attacker to bypass navigation restrictions via a crafted HTML page. The vulnerability has a Chromium security severity of High.
Risk Assessment
An attacker could exploit this flaw to redirect users to malicious sites or bypass browser security controls, potentially leading to data theft or further compromise.
Recommendation
Immediately update Chrome on iOS to version 150.0.7871.47 or later, which includes the fix for this vulnerability.
Original NVD description (English source)
Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High)

