cbcvebase.
CVE-2026-7986
published 2026-05-06

CVE-2026-7986: Insufficient policy enforcement in Autofill in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML…

medium4.3CVSS 3.1
AVNACLPRNUIRSUCLINAN
Insufficient policy enforcement in Autofill in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

Affected

3 ranges
VendorProductVersion rangeFixed in
googlechrome< 148.0.7778.96148.0.7778.96
googlechrome>= 148.0.7778.96 < 148.0.7778.96148.0.7778.96
googlechrome_desktop