VYPR
Medium severity6.5NVD Advisory· Published Apr 8, 2026· Updated Apr 13, 2026

CVE-2026-5903

CVE-2026-5903

Description

Policy bypass in IFrameSandbox in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)

Affected products

6

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.

CVE-2026-5903 · Medium · VYPR