CVE-2026-9115: Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a…

medium4.3CVSS 3.1

AVNACLPRNUIRSUCLINAN

Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)

Affected

3 ranges

Vendor	Product	Version range	Fixed in
google	chrome	< 148.0.7778.179	148.0.7778.179
google	chrome	>= 148.0.7778.179 < 148.0.7778.179	148.0.7778.179
google	chrome_desktop	—	—