CVE-2026-7964 - AskarLabs CVE Database

CVE-2026-7964

Vendor Google

Product Chrome

Weakness CWE-20 · Input validation

Published May 6, 2026

Last update May 6, 2026

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Insufficient validation of untrusted input in FileSystem in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Medium)

Key dates

02Disclosure timeline

May 6, 2026 CVE published

May 6, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-7964

Related vulnerabilities

04Related CVE

CVE-2023-26407 ZDI-CAN-20712: Net.HTTP.request Arbitrary Command Execution CVE-2021-26630 HANDY Groupware file download and execute vulnerability CVE-2020-3441 Cisco Webex Meetings and Cisco Webex Meetings Server Information Disclosure Vulnerability CVE-2024-6978 Cato Networks Windows SDP Client Local root certificates can be installed by low-privileged users CVE-2025-32067 i18n XSS vulnerability in message growthexperiments