Impact
In Chrome versions prior to 147.0.7727.55, a flaw in PDF handling allows a remote attacker to craft an HTML page that forces the browser to navigate to an arbitrary URL, bypassing the browser’s navigation restrictions. The inappropriate implementation in the PDF component results in an attacker-controlled redirect that does not honor the usual security checks. An attacker can use this to direct a user to malicious sites, potentially facilitating phishing or other social engineering attacks. The vulnerability does not provide direct code execution and is classified as low severity by Chromium security. While the impact is limited, a crafted page's ability to alter navigation flows could be leveraged in malicious campaigns.
Affected Systems
All installations of Google Chrome before release 147.0.7727.55 on desktop platforms are affected. The issue applies to all operating systems supported by the stable channel as it stems from the core PDF rendering engine shared across them.
Risk and Exploitability
The CVSS assessment rates this vulnerability as low, and the EPSS score is not available, indicating a lower likelihood of widespread exploitation. The flaw can be triggered from any web page that the victim visits, requiring no local privileges or advanced setup. Attackers could embed the crafted page in a website or email to exploit the navigation bypass. Although the vulnerability is not currently listed in the CISA KEV catalog, the risk is moderate due to the potential for phishing campaigns that rely on redirecting users to attacker-controlled domains.