You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2026-7951
About this tag
CVE-2026-7951 is a medium-severity vulnerability in the WebRTC component of Chromium-based browsers, including Google Chrome and Microsoft Edge, that affects Windows systems. Patched in early May 2026, the flaw is an out-of-bounds write that could allow a remote attacker to execute code within the browser's sandbox by tricking a user into visiting a crafted HTML page. The vulnerability affects Chrome versions before 148.0.7778.96 and is inherited by Edge and other Chromium-based browsers. While rated medium by Chromium, it is considered a priority for enterprise Windows fleets because it is network-reachable and user-triggered, making browser patching critical for security.
Google and Microsoft patched CVE-2026-7951 in early May 2026 after Chrome versions before 148.0.7778.96 were found vulnerable to an out-of-bounds write in WebRTC that could let a remote attacker run code inside Chrome’s sandbox through a crafted HTML page. The bug is not the loudest flaw in...