CVE-2026-12440

ADVISORY - debian

Summary

Use after free in DigitalCredentials in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

chromium 149.0.7827.155-1 [bullseye] - chromium (see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061268)

EPSS Score⁠: 0.00314 (0.229)

Common Weakness Enumeration (CWE)

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.