Google · Chrome On Android · CVE-2026-8566
**Name of the Vulnerable Software and Affected Versions**
Google Chrome on Android versions prior to 148.0.7778.168
**Description**
Insufficient policy enforcement in Payments allows a remote attacker to bypass discretionary access control, which is a mechanism that restricts access to objects based on the identity of users or groups, by using a crafted HTML page.
**Recommendations**
Update to version 148.0.7778.168 or later.