Security Risk Category
same-origin-policy Security Risks
Published vulnerability pages connected to same-origin-policy. One risk can appear in multiple categories while keeping one canonical page.
same-origin-policy risks
Showing 2 of 2 published risks.
lowEPSS 0.001
Google Chrome Android WebAppInstalls Same-Origin Policy Bypass Vulnerability
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.115 allowed a local attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)
CVE-2026-15115chromechromiumbrowserandroid
Updated Jul 10, 2026
mediumEPSS 0.002
Google Chrome Passwords Same-Origin Policy Bypass Vulnerability
Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)
CVE-2026-15124chromechromiumbrowserpasswords
Updated Jul 10, 2026
