cbcvebase.
CVE-2026-8006
published 2026-05-06

CVE-2026-8006: Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension…

medium5.4CVSS 3.1
AVNACLPRNUIRSUCLINAL
Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)

Affected

3 ranges
VendorProductVersion rangeFixed in
googlechrome< 148.0.7778.96148.0.7778.96
googlechrome>= 148.0.7778.96 < 148.0.7778.96148.0.7778.96
googlechrome_desktop