Insufficient Input Validation Vulnerability in ChromeDriver on Google Chrome
CVE-2026-8000

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-8000?

A vulnerability in ChromeDriver for Google Chrome on Windows prior to version 148.0.7778.96 was identified, allowing a remote attacker to exploit insufficient validation of untrusted input. By crafting a malicious HTML page, an attacker could execute arbitrary code on the user's system, posing significant security risks. It is recommended that users upgrade to the latest version of Google Chrome to mitigate this vulnerability.

Affected Version(s)

Chrome 148.0.7778.96

References

https://chromereleases.googleblog.com/2026/05/stable-chan...

https://issues.chromium.org/issues/494464734

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 5, 2026

CVE-2026-8000 Data

JSON