cve 2026-8016

CVE-2026-8016 is a use-after-free vulnerability in Chromium's WebRTC component that affects Google Chrome before version 148.0.7778.96 and Microsoft Edge. Disclosed on May 6, 2026, the flaw has a severity discrepancy: Chromium rates it as Low, while CISA's ADP scoring gives it a CVSS 3.1 score of 8.8 (High). For IT administrators, this gap highlights the importance of evaluating browser security based on the component affected and patch adoption rather than relying solely on a single severity label. Discussions on WindowsForum.com focus on the practical implications for enterprise environments, including patch management and user relaunch behavior.