CVE 9.1 CRITICAL

CVE-2026-13872_CVE-2026-13872

9.1 / 10
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Description

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to potentially perform a sandbox escape via a malicious file. (Chromium security severity: Medium)

AI Analysis

Sandbox escape vulnerability in Google Chrome due to insufficient validation of untrusted input

Basic Information

ID CVE-2026-13872
Source Chrome
Published Jun 30, 2026 at 22:38
Modified Jul 1, 2026 at 14:26

Affected Product

Vendor Google
Product Chrome
Version 150.0.7871.47
Affected Versions Google Chrome 150.0.7871.47

CWE Classification

AI Assessment

AI Score 9.1 / 10
AI Severity Critical
Vendor Google
Product Google Chrome
Version 150.0.7871.47

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.