CVE-2026-3934

Published: Mar 11, 2026 Last Modified: Mar 16, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,5

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: required

Scope: unchanged

Confidentiality: none

Integrity: high

Availability: none

Description

AI Translation Available

Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0002

Percentile

0,0th

Updated

EPSS Score Trend (Last 6 Days)

284

Improper Access Control

Incomplete

Abstraction: Pillar Structure: Simple

Common Consequences

Security Scopes Affected:

Other

Potential Impacts:

Varies By Context

Applicable Platforms

Technologies: ICS/OT, Not Technology-Specific, Web Based

View CWE Details

Application

Chrome by Google

Product Information

Vendor Google

Product Chrome

Version Range Affected

To 146.0.7680.71 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://chromereleases.googleblog.com/2026/03/stable-channe…

https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop…

https://issues.chromium.org/issues/478783560

CVE-2026-3934

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 6 Days)

Improper Access Control

Common Consequences

Applicable Platforms

Chrome by Google

Product Information

Iscriviti alla newsletter