Impact
An inappropriate implementation in the CSS handling of Google Chrome prior to version 150.0.7871.47 allows a maliciously crafted web page to cause the browser to expose data that originates from a different origin. This flaw undermines the confidentiality of cross‑origin content and is classified by Chromium as low severity.
Affected Systems
Google Chrome desktop browsers older than 150.0.7871.47 are affected. No other variants are mentioned.
Risk and Exploitability
The CVSS score is not publicly disclosed, EPSS is unavailable, and the vulnerability is not listed in CISA KEV. The attack vector is inferred to be a remote web‑page that a victim must visit; therefore, successful exploitation requires user interaction and there are no known public exploits at the time of this record.
OpenCVE Enrichment