cve-2026-7933

CVE-2026-7933 is a medium-severity Chromium WebCodecs out-of-bounds read flaw disclosed by Google and Microsoft on May 6, 2026. The bug was fixed in Google Chrome before version 148.0.7778.96 and is also tracked by Microsoft for Chromium-based Edge users. While not a critical vulnerability, it highlights the growing risk of small parsing defects in browser media runtimes that can lead to memory information leaks. The tag covers discussions about the patch, affected browsers, and the broader security implications for enterprise desktops where the browser serves as a primary media runtime.