cve-2026-7980

About this tag
CVE-2026-7980 is a Chromium WebAudio use-after-free vulnerability patched in Chrome before version 148.0.7778.96 and in Microsoft Edge builds that incorporate the fix. Although Chromium rates it as medium severity, CISA's ADP process assigns a CVSS 3.1 score of 8.8, highlighting a discrepancy in severity labeling. For Windows administrators, the key action is ensuring Chromium-family browsers are updated to version 148.0.7778 or later and verifying that policy-controlled endpoints have applied the update. This tag covers discussions about the vulnerability, its impact on Windows systems, and practical remediation steps for enterprise environments.
  1. CVE-2026-7980: Chrome WebAudio Use-After-Free Fix for Windows Admins

    Google and Microsoft documented CVE-2026-7980 on May 6–7, 2026, as a Chromium WebAudio use-after-free flaw fixed in Chrome before version 148.0.7778.96 and in current Microsoft Edge builds that ingest the patched Chromium code. The bug is officially “medium” in Chromium’s own severity language...