Insecure Forms Remote Code Exec in Chrome <150.0.7871.115
CVE-2026-15125 Published on July 8, 2026

Inappropriate implementation in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

NVD


Products Associated with CVE-2026-15125

Want to know whenever a new CVE is published for Google Chrome? stack.watch will email you.

 

Affected Versions

Google Chrome: