cve-2026-8005

About this tag
CVE-2026-8005 is a low-severity Chromium vulnerability in Chrome's Cast component that allows a same-origin bypass on local networks. It was fixed in Google Chrome 148.0.7778.96 and later, and Microsoft documented it on May 7, 2026, because Microsoft Edge inherits the affected Chromium code. The flaw is not a remote-code-execution emergency but highlights that modern browsers function as LAN-aware device-discovery platforms with complex trust assumptions. For Windows administrators, the practical response is to patch Chrome and Edge promptly, as the low severity rating does not mean the issue is irrelevant.
  1. CVE-2026-8005: Chrome Cast Local Network Same-Origin Bypass—Patch Chrome & Edge

    CVE-2026-8005 is a newly published Chromium vulnerability in Chrome’s Cast component, fixed in Google Chrome 148.0.7778.96 and later and documented by Microsoft on May 7, 2026, because Microsoft Edge inherits the Chromium code that contained the flaw. The bug is not a remote-code-execution...