Cross-Origin Data Leak in Google Chrome Affects Multiple Versions
CVE-2026-8014

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-8014?

An implementation flaw in the Preload feature of Google Chrome has been identified, which can potentially allow a remote attacker to leak sensitive cross-origin data by leveraging a specially crafted HTML page. This vulnerability impacts multiple versions of Google Chrome prior to 148.0.7778.96, highlighting the importance of keeping the application updated to safeguard user information.

Affected Version(s)

Chrome 148.0.7778.96

References

https://chromereleases.googleblog.com/2026/05/stable-chan...

https://issues.chromium.org/issues/497490364

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 5, 2026

CVE-2026-8014 Data

JSON