Remote Code Execution Vulnerability in Google Chrome for Linux and ChromeOS
CVE-2026-7992

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-7992?

A vulnerability exists in Google Chrome for Linux and ChromeOS due to insufficient validation of untrusted input in the user interface. This weakness can be exploited by remote attackers who lead users to perform specific UI gestures, allowing them to execute arbitrary code through a specially crafted HTML page. Users are advised to update to version 148.0.7778.96 or later to mitigate the risk associated with this vulnerability.

Affected Version(s)

Chrome 148.0.7778.96

References

https://chromereleases.googleblog.com/2026/05/stable-chan...

https://issues.chromium.org/issues/499067529

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 5, 2026

CVE-2026-7992 Data

JSON