CVE-2026-12460

ADVISORY - debian

Summary

Insufficient policy enforcement in File System Access in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted PDF file. (Chromium security severity: High)

chromium 149.0.7827.155-1 [bullseye] - chromium (see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061268)

EPSS Score⁠: 0.00292 (0.206)

Common Weakness Enumeration (CWE)

Impacted images

Advisories

Debian

CREATED

1 day ago

UPDATED

9 hours ago

ADVISORY IDCVE-2026-12460⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

13 hours ago

UPDATED

13 hours ago

ADVISORY IDCVE-2026-12460⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium