CVE-2026-6312
Published 2026-04-15
low·3.1·CVSS 3.1
AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Insufficient policy enforcement in Passwords in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| | chrome | < 147.0.7727.101 | 147.0.7727.101 |
| | chrome | >= 147.0.7727.101 < 147.0.7727.101 | 147.0.7727.101 |
| | chrome_chrome | — | — |
Chrome
Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2026-6312
vendor_chrome·2026-04-22·CVSS 3.1
CVE-2026-6312 [LOW] Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2026-6312
Red Hat
chromium-browser: Insufficient policy enforcement in Passwords
vendor_redhat·2026-04-15·CVSS 3.1
CVE-2026-6312 [LOW] CWE-346 chromium-browser: Insufficient policy enforcement in Passwords
An insufficient policy enforcement flaw was found in the Passwords component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=498269651
Statement: Red Hat Product Security rates the severity of this flaw as determined by the Google Chrome Security Advisory.
Chrome
Stable Channel Update for Desktop: CVE-2026-6311
vendor_chrome·2026-04-15·CVSS 8.3
CVE-2026-6311 [HIGH] Stable Channel Update for Desktop: CVE-2026-6311
CVE-2026-6311: Uninitialized Use in Accessibility. Reported by Google on 2026-03-31
[N/A][498269651] High CVE-2026-6312: Insufficient policy enforcement in Passwords. Reported by Google on 2026-03-31
[N/A][498765210] High CVE-2026-6313: Insufficient policy enforcement in CORS
Severity: high
VulDB
Google Chrome up to 147.0.7727.55 Passwords cross-domain policy (ID 498269 / Nessus ID 307658)
vuldb·2026-04-28·CVSS 3.1
CVE-2026-6312 [LOW] Google Chrome up to 147.0.7727.55 Passwords cross-domain policy (ID 498269 / Nessus ID 307658)
A vulnerability, which was classified as problematic, has been found in Google Chrome. The impacted element is an unknown function of the component Passwords. Performing a manipulation results in permissive cross-domain policy with untrusted domains.
This vulnerability is identified as CVE-2026-6312. The attack can be initiated remotely. There is not any exploit available.
It is advisable to upgrade the affected component.
GHSA
GHSA-qg3c-xm7q-9c4x: Insufficient policy enforcement in Passwords in Google Chrome prior to 147
ghsa_unreviewed·2026-04-15
CVE-2026-6312 [LOW] GHSA-qg3c-xm7q-9c4x: Insufficient policy enforcement in Passwords in Google Chrome prior to 147
Insufficient policy enforcement in Passwords in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
No detection rules found.
No public exploits indexed.
Bugzilla
bugzilla·2026-04-17·CVSS 8.8
CVE-2026-6299 [HIGH] CVE-2026-6299 CVE-2026-6303 CVE-2026-6304 CVE-2026-6308 CVE-2026-6309 CVE-2026-6310 CVE-2026-6311 CVE-2026-6312 CVE-2026-6313 CVE-2026-6314 CVE-2026-6315 CVE-2026-6316 CVE-2026-6317 CVE-2026-6361 CVE-2026-6363 ... chromium: various flaws [fedora-all]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Bugzilla
bugzilla·2026-04-17·CVSS 8.8
CVE-2026-6299 [HIGH] CVE-2026-6299 CVE-2026-6303 CVE-2026-6304 CVE-2026-6308 CVE-2026-6309 CVE-2026-6310 CVE-2026-6311 CVE-2026-6312 CVE-2026-6313 CVE-2026-6314 CVE-2026-6315 CVE-2026-6316 CVE-2026-6317 CVE-2026-6361 CVE-2026-6363 ... chromium: various flaws [epel-all]
Bugzilla
CVE-2026-6312 Google Chrome: Chromium: Google Chrome: Information disclosure via insufficient policy enforcement in Passwords
bugzilla·2026-04-15·CVSS 3.1
CVE-2026-6312 [LOW] CVE-2026-6312 Google Chrome: Chromium: Google Chrome: Information disclosure via insufficient policy enforcement in Passwords
Insufficient policy enforcement in Passwords in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
Published 2026-04-15