{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5903", "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "state": "PUBLISHED", "assignerShortName": "Chrome", "dateReserved": "2026-04-08T19:34:43.635Z", "datePublished": "2026-04-08T21:21:00.551Z", "dateUpdated": "2026-04-08T21:21:00.551Z"}, "containers": {"cna": {"affected": [{"vendor": "Google", "product": "Chrome", "versions": [{"version": "147.0.7727.55", "status": "affected", "lessThan": "147.0.7727.55", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Policy bypass in IFrameSandbox in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Policy bypass"}]}], "providerMetadata": {"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome", "dateUpdated": "2026-04-08T21:21:00.551Z"}, "references": [{"url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html"}, {"url": "https://issues.chromium.org/issues/483771899"}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Policy bypass in IFrameSandbox in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)"}], "id": "CVE-2026-5903", "lastModified": "2026-04-08T22:16:30.197", "metrics": {}, "published": "2026-04-08T22:16:30.197", "references": [{"source": "chrome-cve-admin@google.com", "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html"}, {"source": "chrome-cve-admin@google.com", "url": "https://issues.chromium.org/issues/483771899"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Received"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,147.0.7727.55)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Chrome", "source": "cna", "vendor": "Google"}, "product": "chrome", "vendor": "google"}], "analysis": {"en": {"generated_at": "2026-04-08T22:36:37.884541+00:00", "value": {"mitigation_remediation": ["Update Google Chrome to version 147.0.7727.55 or later via the official update mechanism.", "Verify that the installed Chrome version is 147.0.7727.55 or newer."], "summary": {"action": "Patch", "impact": "Browser Sandbox Breach"}, "threat_synthesis": {"affected_systems": "Affected product is Google Chrome. Versions before 147.0.7727.55 are vulnerable, including all prior releases of the stable channel.", "description_and_impact": "The vulnerability is a policy bypass in the IFrameSandbox component of Google Chrome prior to version 147.0.7727.55. An attacker can craft a specialized HTML page and persuade a user to perform specific user interface gestures, such as clicking or dragging. When these gestures are executed, the browser incorrectly applies the sandbox policy, allowing navigation to arbitrary URLs that would normally be disallowed. This bypass does not grant direct code execution but eliminates the browser\u2019s navigation restrictions, which can facilitate phishing, drive\u2011by downloads, or other content that relies on URL navigation.", "risk_and_exploitability": "Chromium's security severity for this issue was low. The attacker must convince a user to interact with the malicious page, making it a user-dependent threat. No exploit probability data is available, and the vulnerability is not listed in the CISA KEV catalog. The risk is moderate because the bypass could lead to indirect attacks but it does not expose the system to direct remote code execution."}}}}, "created": "2026-04-09T08:16:49.561368+00:00", "title": "IFrameSandbox Policy Bypass Through Crafted HTML", "updated": "2026-04-09T08:26:15.689047+00:00", "vendors": ["google", "google$PRODUCT$chrome"], "weaknesses": ["CWE-601"]}