You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2026-7978
About this tag
CVE-2026-7978 is a Google Chrome for macOS vulnerability disclosed on May 6, 2026, involving an inappropriate implementation in the browser's Companion component that could allow remote OS-level privilege escalation through malicious network traffic. The vulnerability was fixed before version 148.0.7778.96. Discussions on WindowsForum.com highlight the discrepancy between Google's Medium severity rating and the CISA ADP CVSS 3.1 score of 8.1, as well as the NVD enrichment showing a Mac-only CPE configuration. This gap between vendor severity, third-party scoring, and asset-matching metadata creates operational risk for patch management. The tag covers analysis of the vulnerability, its scoring, and implications for macOS Chrome users and enterprise administrators.
CVE-2026-7978 is a newly published Google Chrome for macOS vulnerability, disclosed on May 6, 2026 and fixed before version 148.0.7778.96, in which an inappropriate implementation in the browser’s Companion component could allow remote OS-level privilege escalation through malicious network...