CVE-2026-8005 PUBLISHED

Assigner: Chrome
Reserved: 05.05.2026 Published: 06.05.2026 Updated: 06.05.2026

Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to bypass same origin policy via malicious network traffic. (Chromium security severity: Low)

Product Status

Vendor	Google
Product	Chrome
Versions	affected from 148.0.7778.96 to 148.0.7778.96 (excl.)

References

https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html
https://issues.chromium.org/issues/496298665

Problem Types

Insufficient validation of untrusted input