Insufficient Input Validation in Google Chrome Affects TabGroups Feature
CVE-2026-8003

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-8003?

A vulnerability in Google Chrome's TabGroups feature enabled remote attackers to carry out UI spoofing attacks. This was due to the insufficient validation of untrusted input, which could be exploited via malicious network traffic. Users of Google Chrome versions prior to 148.0.7778.96 are advised to update their browsers to mitigate this risk.

Affected Version(s)

Chrome 148.0.7778.96

References

https://chromereleases.googleblog.com/2026/05/stable-chan...

https://issues.chromium.org/issues/495985532

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 5, 2026

CVE-2026-8003 Data

JSON