CVE-2026-7953

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96

Description Insufficient validation of untrusted input in the Omnibox allows a remote attacker to inject arbitrary scripts or HTML, leading to Universal Cross-Site Scripting (UXSS), which is a vulnerability that allows scripts to execute across different origins. This can be achieved via malicious network traffic.

Recommendations Update to version 148.0.7778.96 or later.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2026-07066

CVE-2026-7953

ECHO-7B95-8480-5B68

OPENSUSE-SU-2026:10778-1

Affected Products

Google Chrome

CVE-2026-7953

Weakness Enumeration

Related Identifiers

Affected Products

References · 139