CVE-2026-13818
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk19th percentile — higher than 19% of all known CVEs
Summary
An inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. The issue is rated as high severity.
Risk Assessment
An attacker could exploit this vulnerability to bypass navigation restrictions, potentially leading to unauthorized access to browser data or functionality.
Recommendation
Update Google Chrome to version 150.0.7871.47 or later immediately, which includes the fix.
Original NVD description (English source)
Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High)

