How severe is CVE-2026-0628?

CVE-2026-0628 has a CVSS v3 score of 8.8 (HIGH).

CVE-2026-0628

Name: chrome
Author: google

8.8HIGH

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privi

Veröffentlicht: 1/7/2026Aktualisiert: 1/12/2026

Beschreibung

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)

KI-AnalyseKI-gestützt

Betroffene Produkte

googlechrome

Referenzen

https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop.html
Release Notes
https://issues.chromium.org/issues/463155954
Issue TrackingPermissions Required