Input Validation Flaw in Google Chrome Affects User Data Security
CVE-2026-9124

5.3MEDIUM

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 20 May 2026

What is CVE-2026-9124?

A security vulnerability in Google Chrome prior to version 148.0.7778.179 arises from insufficient validation of untrusted input. This flaw allows remote attackers, who have compromised the renderer process, to exploit the vulnerability and extract cross-origin data using a specially crafted HTML page. Users are advised to update their Google Chrome installations promptly to mitigate potential security risks.

Affected Version(s)

Chrome 148.0.7778.179

References

https://chromereleases.googleblog.com/2026/05/stable-chan...

https://issues.chromium.org/issues/496375695

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2026
Vulnerability Reserved
May 20, 2026

CVE-2026-9124 Data

JSON