CVE Catalog

CVE-2026-13818

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.27%

19th percentile — higher than 19% of all known CVEs

Summary

An inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. The issue is rated as high severity.

Risk Assessment

An attacker could exploit this vulnerability to bypass navigation restrictions, potentially leading to unauthorized access to browser data or functionality.

Recommendation

Update Google Chrome to version 150.0.7871.47 or later immediately, which includes the fix.

Original NVD description (English source)

Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS