HIGHCVE-2026-7992Published Modified CNA Chrome
CVE-2026-7992: Insufficient validation of untrusted input in UI in Google Chrome on Linux, ChromeOS prior to 148
Insufficient validation of untrusted input in UI in Google Chrome on Linux, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium)
Metrics
- CVSS v3.1
- 8.8
- Severity
- HIGH
- Fixed in
- 148.0.7778.96
- Affected Products
- 1
Fix available
148.0.7778.96
Affected packages
- Google / Chrome< 148.0.7778.96 (from 148.0.7778.96)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H