CVE-2026-12460 Overview
CVE-2026-12460 is an insufficient policy enforcement vulnerability in the File System Access component of Google Chrome versions prior to 149.0.7827.155. The flaw allows a remote attacker who has already compromised the renderer process to bypass site isolation through a crafted PDF file. Chromium classifies the security severity as High, while the NVD CVSS v3.1 base score is 4.2 (Medium). The vulnerability is tracked under CWE-284: Improper Access Control and affects Chrome on Windows, macOS, and Linux platforms.
Critical Impact
An attacker with renderer-level compromise can bypass Chrome's site isolation boundary using a crafted PDF, undermining a core browser sandboxing protection.
Affected Products
- Google Chrome prior to 149.0.7827.155 on Microsoft Windows
- Google Chrome prior to 149.0.7827.155 on Apple macOS
- Google Chrome prior to 149.0.7827.155 on Linux
Discovery Timeline
- 2026-06-17 - CVE-2026-12460 published to NVD
- 2026-06-17 - Last updated in NVD database
Technical Details for CVE-2026-12460
Vulnerability Analysis
The vulnerability resides in the File System Access API implementation within Google Chrome. File System Access provides web applications with controlled read and write access to local files through user-mediated permission grants. Site isolation enforces that each origin runs in its own renderer process, preventing one site from reading another's data even if a renderer is compromised.
In affected Chrome builds, the File System Access component does not adequately enforce origin policy checks when processing crafted PDF content. An attacker who has already achieved code execution inside the renderer process can leverage this gap to access file system handles or content associated with a different site. The exploit chain therefore requires a precursor renderer compromise, which raises attack complexity and limits exposure to chained exploitation scenarios.
Root Cause
The root cause is improper access control [CWE-284] in the policy enforcement path that mediates File System Access operations originating from PDF documents. Boundary checks that should validate the requesting origin against site isolation policy are insufficient, allowing cross-origin operations that should be denied.
Attack Vector
Exploitation is network-based but requires user interaction and a high-complexity exploit chain. The attacker must first compromise the renderer process, typically through a separate memory corruption or logic bug, then deliver a crafted PDF that triggers the policy bypass. Successful exploitation yields limited confidentiality and integrity impact, with no direct impact on availability per the CVSS vector.
No public proof-of-concept code is available. The vulnerability mechanism is documented in the Chromium Issue Tracker Entry.
Detection Methods for CVE-2026-12460
Indicators of Compromise
- Chrome browser processes running versions earlier than 149.0.7827.155 on managed endpoints.
- Unexpected PDF rendering activity followed by File System Access API calls in browser telemetry.
- Renderer process crashes or anomalous child process behavior preceding suspicious file access.
Detection Strategies
- Inventory installed Chrome versions across the fleet and flag any host below 149.0.7827.155.
- Correlate browser telemetry with endpoint file access events to identify renderer-initiated reads outside expected origins.
- Monitor for known precursor exploits that target the renderer sandbox, since this CVE requires prior renderer compromise.
Monitoring Recommendations
- Centralize Chrome version reporting through enterprise management tooling such as Chrome Browser Cloud Management.
- Forward browser and endpoint process telemetry to a SIEM for correlation across the kill chain.
- Alert on PDF documents originating from untrusted sources that trigger File System Access prompts or handle reuse.
How to Mitigate CVE-2026-12460
Immediate Actions Required
- Update Google Chrome to version 149.0.7827.155 or later on Windows, macOS, and Linux endpoints.
- Force restart of Chrome instances after deployment to ensure the patched binary is loaded into memory.
- Verify update compliance through enterprise browser management consoles or endpoint inventory queries.
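The fleet version check from the detection strategies and the update, restart and verify steps above can be combined into one triage pass. The following is an added example, not code from the advisory or from Google; the inventory tuple layout, host names and all sample versions other than 149.0.7827.155 are constructed assumptions.

```python
import re

FIXED = (149, 0, 7827, 155)  # first patched build named in this advisory

# Chrome versions are four dot-separated integers: MAJOR.MINOR.BUILD.PATCH
_VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)\.(\d+)(?![\d.])")


def parse_version(text):
    """Extract a version tuple from text such as 'Google Chrome 149.0.7827.155'.
    Returns None when no well-formed four-part version is present."""
    m = _VERSION_RE.search(text or "")
    return tuple(int(p) for p in m.groups()) if m else None


def classify(installed, running):
    """Patch state for one host.
    installed: version of the binary on disk (from package inventory)
    running:   version reported by the live browser process, '' if not running
    Tuples compare numerically, so 7827.99 sorts below 7827.155; a plain
    string comparison would get that wrong."""
    inst = parse_version(installed)
    if inst is None:
        return "unknown"              # unparseable inventory data: investigate
    if inst < FIXED:
        return "vulnerable"           # patched package not yet deployed
    if running.strip():
        run = parse_version(running)
        if run is None:
            return "unknown"
        if run < FIXED:
            return "restart-pending"  # patched on disk, old binary still loaded
    return "patched"


def triage(inventory):
    return {host: classify(inst, run) for host, inst, run in inventory}


# Constructed sample inventory: (host, installed version, running version)
SAMPLE_INVENTORY = [
    ("ws-001", "Google Chrome 149.0.7827.155", "149.0.7827.155"),
    ("ws-002", "Google Chrome 149.0.7827.99", "149.0.7827.99"),
    ("ws-003", "Google Chrome 149.0.7827.155", "148.0.7700.10"),
    ("ws-004", "Google Chrome 150.0.7900.3", ""),
    ("ws-005", "not installed?", ""),
]

if __name__ == "__main__":
    for host, state in triage(SAMPLE_INVENTORY).items():
        print(f"{host}\t{state}")
```

Hosts reported as restart-pending are the ones the forced-restart step targets: the update has landed on disk but the vulnerable binary is still in memory.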
Patch Information
Google released the fix in the Chrome Stable channel update documented in the Google Chrome Update Announcement. Administrators should ensure auto-update is functioning or deploy the patched MSI, PKG, or DEB packages through standard software distribution channels.
Workarounds
- Restrict opening of PDF files from untrusted origins through enterprise policy or content filtering at the proxy.
- Disable the File System Access API for managed users via the DefaultFileSystemReadGuardSetting and DefaultFileSystemWriteGuardSetting Chrome enterprise policies until patching completes.
- Enforce strict site isolation policies and ensure SitePerProcess is enabled to maintain defense in depth.
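```bash
# Configuration example: Chrome enterprise policy to block File System Access by default (Linux managed policy)
# Run as root. A guard setting of 2 blocks all sites from requesting access.
# Create the managed policy directory first; it may not exist on a fresh install.
mkdir -p /etc/opt/chrome/policies/managed
cat <<'EOF' > /etc/opt/chrome/policies/managed/file_system_access.json
{
  "DefaultFileSystemReadGuardSetting": 2,
  "DefaultFileSystemWriteGuardSetting": 2,
  "SitePerProcess": true
}
EOF
```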