Chromium Security
The latest Chromium Security coverage — news, analysis, and updates from the WindowsNews.AI desk.
Update Chrome & Edge now: CVE-2026-8005 lets attackers breach your local network
Google Chrome 148.0.7778.96 closes a high‑severity hole in the Cast component that lets a malicious website break the same‑origin policy and reach resources on your local network. Microsoft...
Chrome 148 Patches CVE-2026-8014 Preload Leak – Update Edge Now
Google has disclosed CVE-2026-8014, a low-severity vulnerability in Chrome's Preload implementation that could allow a remote attacker to leak sensitive cross-origin data. The flaw, disclosed on May...
Edge Admins: Why Low-Severity CVE-2026-8017 Side-Channel Demands Urgent Patching
Microsoft Edge administrators woke up to a new security advisory on May 6, 2026, as CVE-2026-8017—a low-severity Chromium vulnerability—entered the public domain. The flaw, rooted in Chrome's...
CVE-2026-8022 MHTML Flaw in Chrome and Edge: Patch Now, Tighten File Rules
On May 6, 2026, a low-severity Chromium vulnerability tagged CVE-2026-8022 entered the public domain. The bug lets attackers craft malicious MHTML files that trigger a data leak in Google Chrome...
CVE-2026-7348: Why Chromium Codecs Flaw Demands Swift Chrome and Edge Patching for Windows Security
{ "title": "CVE-2026-7348: Why Chromium Codecs Flaw Demands Swift Chrome and Edge Patching for Windows Security", "content": "A single high-severity use-after-free bug has rippled across the...
Chrome CVE‑2026‑7351 Exposes Race Condition in MHTML—Malicious Extensions Can Leak Cross‑Origin Data
{ "title": "Chrome CVE‑2026‑7351 Exposes Race Condition in MHTML—Malicious Extensions Can Leak Cross‑Origin Data", "content": "Google disclosed a...
Patch Chrome and Edge Now: Critical CVE-2026-7363 Canvas Flaw Hits Linux and ChromeOS
{ "title": "CVE-2026-7363: Critical Chromium Canvas Use-After-Free Flaw—Patch Chrome and Edge on Linux and ChromeOS Now", "content": "Google and Microsoft have triggered an urgent call to...
CVE-2026-6309: Critical Chromium Viz Vulnerability Threatens Windows Security, Patches Available
Google's April 15, 2026 Chrome 147 update addresses CVE-2026-6309, a high-severity use-after-free vulnerability in the Viz component that security researchers warn carries greater practical...
Chrome 147.0.7727.101+ Fixes Critical CVE-2026-6313 CORS Vulnerability Affecting Microsoft Edge
Google has patched a critical CORS policy enforcement vulnerability in Chrome 147.0.7727.101 that directly impacts Microsoft Edge users. CVE-2026-6313 represents exactly the type of Chromium bug that...
Microsoft Edge Users Still Exposed as Google Patches Critical CVE-2026-6363 V8 Bug in Chrome 147
Google has patched a critical V8 type confusion vulnerability designated CVE-2026-6363 in Chrome 147, addressing a fundamental flaw in the JavaScript engine that powers the browser's core execution...
CVE-2026-5903: Chromium IFrameSandbox Policy Bypass Threatens Browser Security
Google has disclosed a critical security vulnerability in Chromium's IFrameSandbox implementation that could allow attackers to bypass browser security policies. CVE-2026-5903, classified as a policy...
CVE-2026-5910: Critical Chrome Media Integer Overflow Vulnerability Patched in Version 147.0.7727.55
Google has released Chrome 147.0.7727.55 to address CVE-2026-5910, a critical integer overflow vulnerability in the Media component that could lead to heap corruption and remote code execution. The...