CVE-2026-5907

CVSS v2.0

9.4

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:C

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.55

Description Insufficient data validation in the Media component of Google Chrome could allow a remote attacker to perform an out-of-bounds memory read using a crafted video file. Exploitation may lead to a denial-of-service.

Recommendations Update Google Chrome to version 147.0.7727.55 or later.

Fix

RCE

Insufficient Verification of Data Authenticity

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-345CWE-125

Related Identifiers

BDU:2026-04933

CVE-2026-5907

OPENSUSE-SU-2026:10530-1

OPENSUSE-SU-2026:20575-1

Affected Products

Google Chrome

CVE-2026-5907

Weakness Enumeration

Related Identifiers

Affected Products

References · 71