Matt Howard

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 126.0.6478.54 **Description** The issue is related to a policy bypass in the CORS mechanism, which can be exploited by a remote attacker to bypass discretionary access control. This can be achieved through a crafted HTML page, potentially allowing the attacker to disclose protected information. The severity of this issue is medium, according to Chromium's security severity rating. **Recommendations** For Google Chrome versions prior to 126.0.6478.54, update to version 126.0.6478.54 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information and avoiding the use of potentially vulnerable HTML pages until the update is applied.