cve 2026 8022

CVE-2026-8022 is a low-severity Chromium vulnerability disclosed on May 6, 2026, affecting Google Chrome before version 148.0.7778.96 and Microsoft Edge through its shared Chromium codebase. The flaw involves a crafted MHTML page that could leak cross-origin data after specific user interface gestures. While the severity is low, the bug highlights how browser security risks often hide in legacy features like MHTML that most users never knowingly use. Discussions on WindowsForum.com emphasize that this CVE serves as a reminder for administrators to pay attention to seemingly minor vulnerabilities, as they can reveal important lessons about attack surface reduction and the importance of keeping browsers updated.