CVE-2026-12459

ADVISORY - debian

Summary

Inappropriate implementation in Serial in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: High)

chromium 149.0.7827.155-1 [bullseye] - chromium (see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061268)

EPSS Score⁠: 0.00268 (0.182)

Common Weakness Enumeration (CWE)

Impacted images

Advisories

Debian

CREATED

1 day ago

UPDATED

9 hours ago

ADVISORY IDCVE-2026-12459⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

13 hours ago

UPDATED

13 hours ago

ADVISORY IDCVE-2026-12459⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium