Insufficient policy enforcement in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)
Google Chrome | Chromium
Exploit
CVE-2026-11292
NVD
Refer to CVE-2026-11292 NVD advisory