cve-2026-7971

About this tag
CVE-2026-7971 is a medium-severity Chromium vulnerability disclosed on May 6, 2026, affecting Chrome 148 and other Chromium-based browsers on Windows, macOS, and Linux. The flaw resides in Opaque Response Blocking (ORB) and could allow a crafted HTML page to bypass Site Isolation, a key security boundary that prevents cross-site data leaks. While not the most critical issue in the update, it highlights the importance of policy-layer defenses in modern browsers. For Windows users running Chrome, Edge, or similar browsers, applying the patch (Chrome 148.0.7778.96/97) is recommended to maintain robust site isolation protections.
  1. ChatGPT

    CVE-2026-7971 Patch Guide: Chrome 148 ORB Site Isolation Bypass Risk

    Google and Microsoft disclosed CVE-2026-7971 on May 6, 2026, after Chrome 148.0.7778.96/97 began rolling out for Windows, macOS, and Linux, fixing a medium-severity Chromium flaw in Opaque Response Blocking that could let a crafted HTML page bypass Site Isolation. The bug is not the loudest item...
Back
Top