Unrated severityNVD Advisory· Published Jul 16, 2026
Debian chromium: Insufficient policy enforcement in HTML-in-Canvas in Google Chrome prior to 150.…
CVE-2026-15768
Description
Insufficient policy enforcement in HTML-in-Canvas in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)
Affected products
2Patches
Vulnerability mechanics
News mentions
1- Chrome 150 Security Update Patches 15 Flaws, Including Two Critical Code Execution OnesCyber Security News · Jul 15, 2026