CVE-2026-8005
4.3
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to bypass same origin policy via malicious network traffic. (Chromium security severity: Low)
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Chrome | 148.0.7778.96 < 148.0.7778.96 | affected |
Weaknesses
- CWE-20: Insufficient validation of untrusted input
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html
- https://issues.chromium.org/issues/496298665
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.