CVE-2026-12438

ADVISORY - debian

Summary

Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

chromium 149.0.7827.155-1 [bullseye] - chromium (see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061268)

EPSS Score⁠: 0.00293 (0.207)

Common Weakness Enumeration (CWE)

Impacted images

Advisories

Debian

CREATED

1 day ago

UPDATED

9 hours ago

ADVISORY IDCVE-2026-12438⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

13 hours ago

UPDATED

13 hours ago

ADVISORY IDCVE-2026-12438⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium