CVE-2026-8005 — MEDIUM (4.3)

Q: How severe is CVE-2026-8005?

CVE-2026-8005 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2026-8005?

Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome, Apple Macos, Linux Linux Kernel, Microsoft Windows.

Vulnerability Description

Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to bypass same origin policy via malicious network traffic. (Chromium security severity: Low)

CVSS Score

4.3

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Google	Chrome	< 148.0.7778.96
Apple	Macos	-
Linux	Linux Kernel	-
Microsoft	Windows	-

Related Weaknesses (CWE)

CWE-20

References

https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.Vendor AdvisoryRelease Notes
https://issues.chromium.org/issues/496298665Permissions Required

FAQ

What is CVE-2026-8005?

CVE-2026-8005 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to bypass same origin policy via malicious network traffic. ...

How severe is CVE-2026-8005?

CVE-2026-8005 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-8005?

Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome, Apple Macos, Linux Linux Kernel, Microsoft Windows.