Home

Description

Inappropriate implementation in DevTools in Google Chrome prior to 145.0.7632.116 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via DevTools. (Chromium security severity: High)

PUBLISHED Reserved 2026-02-23 | Published 2026-02-23 | Updated 2026-02-25 | Assigner Chrome

Problem types

Inappropriate implementation

Product status

145.0.7632.116 (custom) before 145.0.7632.116
affected

References

chromereleases.googleblog.com/...-update-for-desktop_23.html

issues.chromium.org/issues/485287859

cve.org (CVE-2026-3063)

nvd.nist.gov (CVE-2026-3063)

Download JSON