v8 info disclosure

About this tag
The v8 info disclosure tag covers discussions about information-disclosure vulnerabilities in the V8 JavaScript engine, particularly as they affect Google Chrome and Microsoft Edge on Windows. A key example is CVE-2026-7999, a V8 information-disclosure flaw disclosed by Google and Microsoft in May 2026. This bug affects Chrome before version 148.0.7778.96 and Chromium-based browsers like Edge once their security updates are applied. While vendors may label such flaws as low severity, memory disclosure in a JavaScript engine can have practical security implications. For Windows users and enterprise administrators, these disclosures serve as reminders to apply browser updates promptly to mitigate risks.
  1. CVE-2026-7999 V8 Info Disclosure: Patch Chrome and Edge to 148.0.7778.96/97

    Google and Microsoft disclosed CVE-2026-7999 on May 6, 2026, as a V8 information-disclosure flaw affecting Google Chrome before 148.0.7778.96 and Chromium-based browsers that consume the same engine fixes, including Microsoft Edge once its corresponding security update is applied. The bug is not...