cbcvebase.
CVE-2026-8008
published 2026-05-06

CVE-2026-8008: Inappropriate implementation in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to…

medium5.4CVSS 3.1
AVNACLPRNUIRSUCLINAL
Inappropriate implementation in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)

Affected

3 ranges
VendorProductVersion rangeFixed in
googlechrome< 148.0.7778.96148.0.7778.96
googlechrome>= 148.0.7778.96 < 148.0.7778.96148.0.7778.96
googlechrome_desktop