VYPR
Unrated severityNVD Advisory· Published Jul 9, 2026

Debian chromium: Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on…

CVE-2026-15115

Description

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.115 allowed a local attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)

Affected products

3
  • Google/Chromeinferred2 versions
    <150.0.7871.115+ 1 more
    • (no CPE)range: <150.0.7871.115
    • (no CPE)range: <150.0.7871.115
  • Range: <150.0.7871.115

Patches

Vulnerability mechanics

News mentions

1