Insufficient policy enforcement in DevTools in Google Chrome prior to 149
Published Jun 11, 2026
Modified Yesterday
Fix available
Details
Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)
Affected Packages
Google Chrome
Windows 10 (1507)Windows 10 (1607) / Server 2016Windows 10 (1809) / Server 2019Windows 10 (1903)Windows 10 (1909)