You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2026-7991
About this tag
CVE-2026-7991 is a use-after-free vulnerability in the Chrome browser UI, affecting Google Chrome before version 148.0.7778.96. This flaw could allow a remote attacker with a compromised renderer process to execute code inside Chrome's sandbox via a crafted HTML page. The vulnerability was publicly tracked on May 6, 2026, alongside Chrome 148's desktop security update. While the official Chromium severity is Medium, the CISA ADP CVSS 3.1 score is 8.8, indicating significant risk. For Windows users and administrators, the recommended response is to verify that Chrome, Edge (where applicable), and managed browsers are updated to patched versions.
Google Chrome before 148.0.7778.96 contains CVE-2026-7991, a use-after-free flaw in the browser UI that could let a remote attacker with a compromised renderer process execute code inside Chrome’s sandbox through a crafted HTML page. The vulnerability landed in public tracking on May 6, 2026...