CVE-2026-12460

ADVISORY - debian

Summary

Insufficient policy enforcement in File System Access in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted PDF file. (Chromium security severity: High)

chromium 149.0.7827.155-1 [bullseye] - chromium (see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061268)

EPSS Score⁠: 0.00292 (0.206)

Common Weakness Enumeration (CWE)

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.