IFrame Sandbox Bypass Vulnerability in Google Chrome
CVE-2026-8563

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 14 May 2026

What is CVE-2026-8563?

A vulnerability exists in Google Chrome's IFrame Sandbox that allows remote attackers to circumvent navigation restrictions. By crafting a malicious HTML page, attackers can exploit this flaw, potentially redirecting users to unintended locations. The issue affects versions of Google Chrome on Windows prior to 148.0.7778.168, emphasizing the need for immediate updates to secure browser functionalities.

Affected Version(s)

Chrome 148.0.7778.168

References

https://chromereleases.googleblog.com/2026/05/stable-chan...

https://issues.chromium.org/issues/40061220

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2026
Vulnerability Reserved
May 14, 2026

CVE-2026-8563 Data

JSON