Inappropriate implementation in Input in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High)
Metrics
Affected Vendors & Products
References
History
Fri, 29 May 2026 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Chrome Android Site Isolation Bypass via Crafted HTML | chromium-browser: Inappropriate implementation in Input |
| Weaknesses | CWE-653 | |
| References |
| |
| Metrics |
threat_severity
|
cvssV3_1
|
Thu, 28 May 2026 23:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Chrome Android Site Isolation Bypass via Crafted HTML | |
| First Time appeared |
Google
Google chrome |
|
| Weaknesses | CWE-284 CWE-305 |
|
| Vendors & Products |
Google
Google chrome |
Thu, 28 May 2026 22:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Inappropriate implementation in Input in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High) | |
| References |
|
Status: PUBLISHED
Assigner: Chrome
Published:
Updated: 2026-05-28T22:25:54.027Z
Reserved: 2026-05-28T17:25:13.604Z
Link: CVE-2026-10010
No data.
Status : Awaiting Analysis
Published: 2026-05-28T23:16:42.840
Modified: 2026-05-29T02:36:13.047
Link: CVE-2026-10010
OpenCVE Enrichment
Updated: 2026-05-28T23:30:26Z