Insufficient Policy Enforcement in Google Chrome Affects Users
CVE-2026-5901

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 8 April 2026

What is CVE-2026-5901?

The vulnerability in Google Chrome involves insufficient policy enforcement within DevTools, which allowed attackers to manipulate cookie settings by persuading users to install harmful extensions. This exploitation provides a pathway for unauthorized cookie modification, potentially undermining enterprise security policies. Users are advised to update their browsers to the latest version to mitigate this issue.

Affected Version(s)

Chrome 147.0.7727.55

References

https://chromereleases.googleblog.com/2026/04/stable-chan...

https://issues.chromium.org/issues/479673903

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 8, 2026
Vulnerability Reserved
Apr 8, 2026

CVE-2026-5901 Data

JSON