CVE-2026-8007 - AskarLabs CVE Database

CVE-2026-8007

Vendor Google

Product Chrome

Weakness CWE-20 · Input validation

Published May 6, 2026

Last update May 7, 2026

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)

Key dates

02Disclosure timeline

May 6, 2026 CVE published

May 7, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-8007

Related vulnerabilities

04Related CVE

CVE-2023-51444 GeoServer arbitrary file upload vulnerability in REST Coverage Store API CVE-2026-26143 Microsoft PowerShell Security Feature Bypass Vulnerability CVE-2026-35049 wire-ios has Persistent Remote DoS via Integer Underflow CVE-2017-2658 CVE-2024-50386 Apache CloudStack: Directly downloaded templates can be used to abuse KVM-based infrastructure