[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"public-cve-CVE-2026-12025":3,"news-by-cve-CVE-2026-12025-10":59},{"assigner_org":4,"nvd_cvss_score":5,"kev_ransomware_use":6,"id":7,"date_published":8,"cvss_score":5,"cvss_severity":9,"cvss_source":10,"description":11,"attack_techniques":12,"has_attack_graph":20,"source_identifier":21,"in_kev":6,"exploit_count":22,"affected_product_count":23,"sectors":24,"vendor_context":26,"references_preview":35,"sources":41,"assigner_short_name":4,"nvd_cvss_severity":9,"has_exploit":6,"has_solution":6,"nuclei_template_count":22,"has_nuclei_templates":6,"nvd_cvss_vector":42,"date_updated":43,"cvss_vector":42,"attack_technique_count":23,"tags":44,"has_workaround":6,"attack_tactics":45,"has_ai_summary":6,"state":46,"cvss_version":47,"reference_count":48,"weaknesses":49,"affected_products_preview":52,"remediation_summary":57,"title":58},"",5.3,false,"CVE-2026-12025","2026-06-11T20:48:11Z","MEDIUM","nvd","Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)",[13],{"technique_name":14,"tactic":15,"tactic_name":16,"url":17,"confidence":18,"technique_id":19},"Exploit Public-Facing Application","initial-access","Initial Access","https://attack.mitre.org/techniques/T1190/","low","T1190",true,"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",0,1,[25],"mobile-apps",[27],{"country":28,"aliases":29,"sector":25,"subsector":32,"vendor":33,"vendor_type":34},"US",[30,31],"google inc","google llc","android-app","google","commercial",[36,39],{"url":37,"source":38},"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01962725236.html","cvelist",{"url":40,"source":38},"https://issues.chromium.org/issues/517153191",[38,10],"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","2026-06-12T02:16:41Z",[],[16],"PUBLISHED","3.1",2,[50],{"cwe_id":51,"name":4},"CWE-20",[53],{"vendor":54,"product":55,"sector":25,"subsector":32,"deployment":56},"Google","Chrome","on-prem",{"has_patch":6,"has_workaround":6},"Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a cra...",{"cve_id":7,"items":60,"total":22},[]]