cbcvebase.
CVE-2026-10973
published 2026-06-04

CVE-2026-10973: Uninitialized Use in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium…

PriorityP351high7.4CVSS 3.1
AVNACLPRNUIRSCCHINAN
EXPLOIT
EPSS
0.98%
57.9th percentile
Uninitialized Use in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

Affected

3 ranges
VendorProductVersion rangeFixed in
googlechrome< 149.0.7827.53149.0.7827.53
googlechrome>= 149.0.7827.53 < 149.0.7827.53149.0.7827.53
googlechrome_desktop

CVSS provenance

nvdv3.17.4HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
vendor_redhat7.4HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.