How severe is CVE-2026-0628?

CVE-2026-0628 has a CVSS v3 score of 8.8 (HIGH).

CVE-2026-0628

Name: chrome
Author: google

8.8HIGH

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privi

게시됨: 1/7/2026업데이트됨: 1/12/2026

설명

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)

AI 분석AI 기반

영향받는 제품

googlechrome

참조

https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop.html
Release Notes
https://issues.chromium.org/issues/463155954
Issue TrackingPermissions Required