CVE-2026-13842

Publication date 30 June 2026

Last updated 1 July 2026


Ubuntu priority

Description

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)

Read the notes from the security team

Status

Package Ubuntu Release Status
chromium-browser 26.04 LTS resolute
Not affected
25.10 questing
Not affected
24.04 LTS noble
Not affected
22.04 LTS jammy
Not affected

Notes


alexmurray

The Debian chromium source package is called chromium-browser in Ubuntu


mdeslaur

starting with Ubuntu 19.10, the chromium-browser package is just a script that installs the Chromium snap


Access our resources on patching vulnerabilities