Impact
An AI policy enforcement weakness in Google Chrome versions before 148.0.7778.168 allows a remote attacker who has compromised the renderer process to bypass the browser’s Site Isolation boundary by loading a specially crafted HTML page. This bypass removes the separation normally enforced between sites, giving the attacker the ability to read or manipulate data from other origins and to execute actions that are normally restricted to a single site context. The flaw is rated Medium by the Chromium security team.
Affected Systems
Any desktop installation of Google Chrome older than version 148.0.7778.168 is susceptible. The issue exists in the Chrome renderer process that handles HTML pages, independent of the operating system, as it is part of the same compile‑time code base for all desktop platforms.
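A fleet-side check for the affected version range, added here as an illustration rather than taken from the advisory: it parses the dotted Chrome version (as reported by `google-chrome --version`, an assumed binary name) and compares it numerically against the fixed build 148.0.7778.168, since a plain string comparison would misorder versions such as 9.x and 148.x.

```python
"""Flag Google Chrome desktop builds older than the fixed version.

Added example, not part of the advisory. Assumes the fixed version quoted in
the advisory (148.0.7778.168) and that the local binary is `google-chrome`.
"""
import re
import subprocess
from typing import Optional

FIXED_VERSION = "148.0.7778.168"  # fixed build named in the advisory


def parse_version(text: str) -> Optional[tuple]:
    """Extract a four-part Chrome version, e.g. from 'Google Chrome 147.0.7700.12'."""
    m = re.search(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b", text)
    if not m:
        return None
    return tuple(int(part) for part in m.groups())


def is_vulnerable(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed build is strictly older than the fixed build.

    Tuples of ints compare component-wise, so (9, ...) < (148, ...) as
    intended; comparing the raw strings would rank "9" above "148".
    """
    inst = parse_version(installed)
    fix = parse_version(fixed)
    if inst is None or fix is None:
        raise ValueError(f"unparseable version string: {installed!r}")
    return inst < fix


def installed_chrome_version(binary: str = "google-chrome") -> Optional[str]:
    """Return the version line printed by the local Chrome binary, or None."""
    try:
        out = subprocess.run([binary, "--version"], capture_output=True,
                             text=True, timeout=10)
    except (FileNotFoundError, subprocess.TimeoutExpired):
        return None
    return out.stdout.strip() or None


if __name__ == "__main__":
    version = installed_chrome_version()
    if version is None:
        print("Chrome not found on this host")
    else:
        status = "AFFECTED" if is_vulnerable(version) else "fixed"
        print(f"{version}: {status} (fixed in {FIXED_VERSION})")
```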
Risk and Exploitability
The CVSS score of 3.1 rates this vulnerability as Low severity. The EPSS score of <1% suggests exploitation is unlikely to be widely observed at present, and the flaw is not listed in CISA’s KEV catalog. Exploitation requires a prior compromise of a renderer process; with that access, an attacker could use a specially crafted HTML page to bypass Chrome’s Site Isolation and gain cross‑origin data access or manipulation. Overall, the risk is low: the attack depends on that precondition, and the EPSS metric indicates a low probability of exploitation.
OpenCVE Enrichment