cve-2026-7918

CVE-2026-7918 is a high-severity Chromium GPU use-after-free vulnerability fixed in Chrome 148.0.7778.96 and addressed in Microsoft Edge's Chromium-based 148.0.7778.xxx security update for supported desktop platforms. Documented by Google and Microsoft on May 6-7, 2026, this CVE highlights the complexity of browser supply chains, where Chromium as an upstream project, Chrome as Google's branded product, and Edge as Microsoft's downstream browser do not fit neatly into traditional CPE-based security scanning. Discussions on WindowsForum.com explore the implications for enterprise IT administrators managing browser security updates and the challenges of tracking vulnerabilities across different Chromium-based browsers.