CVE Catalog

CVE-2026-13904

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.26%

18th percentile — higher than 18% of all known CVEs

Summary

An inappropriate implementation in Safe Browsing in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

Risk Assessment

An attacker could redirect the user to a malicious page, bypassing browser security, increasing the risk of phishing or malware infection.

Recommendation

Immediately update Google Chrome on iOS to version 150.0.7871.47 or later.

Original NVD description (English source)

Inappropriate implementation in Safe Browsing in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS