cve-2026-5876

CVE-2026-5876 is a medium-severity Chromium/Chrome vulnerability that can leak cross-origin information through a crafted HTML page by abusing the browser's Navigation subsystem. The issue affects Google Chrome versions prior to 147.0.7727.55, and the record was added to the CVE list and NVD on April 8, 2026. Microsoft's Security Update Guide has also surfaced the advisory, underscoring that this is the kind of browser flaw enterprise defenders need to treat as a priority patch item. The root weakness is tagged CWE-1300, Improper Protection of Physical Side Channels, indicating the bug is not a classic memory corruption issue but rather a side-channel information leak.