CVE-2026-9115
MEDIUM
NVD
CVSS Score
4.3
Severity
MEDIUM
Published
May 20, 2026
Vendor
unknown
Description
Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)