CVE-2026-7946 — MEDIUM (4.3)

Q: How severe is CVE-2026-7946?

CVE-2026-7946 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2026-7946?

Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome, Apple Macos, Google Chrome Os, Linux Linux Kernel, Microsoft Windows.

Vulnerability Description

Insufficient policy enforcement in WebUI in Google Chrome on Linux, Mac, Windows, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: Medium)

CVSS Score

4.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Google	Chrome	< 148.0.7778.96
Apple	Macos	-
Google	Chrome Os	-
Linux	Linux Kernel	-
Microsoft	Windows	-

Related Weaknesses (CWE)

CWE-693

References

https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.Vendor Advisory
https://issues.chromium.org/issues/496016840Issue TrackingPermissions Required

FAQ

What is CVE-2026-7946?

CVE-2026-7946 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Insufficient policy enforcement in WebUI in Google Chrome on Linux, Mac, Windows, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isol...

How severe is CVE-2026-7946?

CVE-2026-7946 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-7946?

Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome, Apple Macos, Google Chrome Os, Linux Linux Kernel, Microsoft Windows.