cve-2026-7945

CVE-2026-7945 is a medium-severity Chromium vulnerability disclosed by Google and Microsoft on May 6, 2026. The flaw resides in Cross-Origin-Opener-Policy (COOP) handling and affects Chrome versions before 148.0.7778.96. An attacker who has already compromised the renderer process could exploit this bug using crafted HTML to bypass site isolation protections. While not a standalone remote code execution vector, it represents a critical boundary failure in browser security chains. For Windows users and administrators, patching Chrome to version 148 or later is essential to maintain site isolation integrity. The vulnerability underscores the importance of layered browser security on Windows systems.