CVE-2026-0628 – Google Chrome WebView Policy Enforcement Bypass

CVE ID : CVE-2026-0628

Published : Jan. 6, 2026, 11:57 p.m. | 30 minutes ago

Description : Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…