Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Chrome | affected |
|
Configuration 1 [-]
| AND |
|
No data.
| Vendor | Product | Confidence | Versions | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Chrome | 100% |
|
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 Debian DSA |
DSA-6325-1 | chromium security update |
Sun, 07 Jun 2026 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Insufficient Policy Enforcement in Chrome CustomTabs Leading to Cross-Origin Data Leakage | chromium-browser: Insufficient policy enforcement in CustomTabs |
| Weaknesses | CWE-346 | |
| References |
| |
| Metrics |
threat_severity
|
threat_severity
|
Fri, 05 Jun 2026 20:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Google android
|
|
| CPEs | cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* cpe:2.3:o:google:android:-:*:*:*:*:*:*:* |
|
| Vendors & Products |
Google android
|
Fri, 05 Jun 2026 18:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Insufficient Policy Enforcement in Chrome CustomTabs Leading to Cross-Origin Data Leakage |
Fri, 05 Jun 2026 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Chrome CustomTabs Android Cross‑Origin Data Leakage Before 149.0.7827.53 | |
| Weaknesses | CWE-200 |
Fri, 05 Jun 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-693 | |
| Metrics |
cvssV3_1
|
Fri, 05 Jun 2026 00:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Chrome CustomTabs Android Cross‑Origin Data Leakage Before 149.0.7827.53 | |
| First Time appeared |
Google
Google chrome |
|
| Weaknesses | CWE-200 | |
| Vendors & Products |
Google
Google chrome |
Thu, 04 Jun 2026 23:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Insufficient policy enforcement in CustomTabs in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: Chrome
Published:
Updated: 2026-06-05T12:40:47.417Z
Reserved: 2026-06-04T17:11:03.303Z
Link: CVE-2026-11247
Vulnrichment
Updated: 2026-06-05T12:40:34.671Z
NVD
Status : Analyzed
Published: 2026-06-05T00:17:01.130
Modified: 2026-06-05T20:40:23.357
Link: CVE-2026-11247
Redhat
OpenCVE Enrichment
Updated: 2026-06-07T17:00:05Z