Primary

Context

Google Chrome WebUSB Insufficient Policy Enforcement Information Disclosure Vulnerability

Vulnerability

Patched

A vulnerability in Google Chrome's WebUSB implementation, prior to version 146.0.7680.178, allowed remote attackers to access potentially sensitive information from process memory by using a specially crafted HTML page. This issue arose from inadequate policy enforcement in WebUSB.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information from process memory.

Remediation

Users can update to Google Chrome version 146.0.7680.178 or later to address this vulnerability.

Added: Apr 1, 2026, 5:24 AM

Updated: Apr 1, 2026, 5:24 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

4.4

remediation

7.7

relevance

5.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

4.4

remediation

7.7

relevance

5.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Google Chrome WebUSB Insufficient Policy Enforcement Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Google Chrome

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating