VYPR
Unrated severityNVD Advisory· Published Jul 16, 2026

Debian chromium: Insufficient policy enforcement in HTML-in-Canvas in Google Chrome prior to 150.…

CVE-2026-15768

Description

Insufficient policy enforcement in HTML-in-Canvas in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)

Affected products

2

Patches

Vulnerability mechanics

News mentions

1
CVE-2026-15768 · VYPR