Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-8006 (GCVE-0-2026-8006)
Vulnerability from cvelistv5 – Published: 2026-05-06 18:13 – Updated: 2026-05-06 21:47
VLAI?
EPSS
Summary
Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)
Severity ?
5.4 (Medium)
CWE
- Insufficient policy enforcement
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-8006",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-06T21:20:20.326378Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-451",
"description": "CWE-451 User Interface (UI) Misrepresentation of Critical Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-06T21:47:40.718Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "148.0.7778.96",
"status": "affected",
"version": "148.0.7778.96",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient policy enforcement",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-06T18:13:10.335Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"
},
{
"url": "https://issues.chromium.org/issues/496373088"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2026-8006",
"datePublished": "2026-05-06T18:13:10.335Z",
"dateReserved": "2026-05-05T22:59:33.341Z",
"dateUpdated": "2026-05-06T21:47:40.718Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CERTFR-2026-AVI-0557
Vulnerability from certfr_avis - Published: 2026-05-11 - Updated: 2026-05-11
De multiples vulnérabilités ont été découvertes dans Microsoft Edge. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Microsoft Edge versions ant\u00e9rieures \u00e0 148.0.3967.54",
"product": {
"name": "Edge",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-8014",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8014"
},
{
"name": "CVE-2026-7928",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7928"
},
{
"name": "CVE-2026-7970",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7970"
},
{
"name": "CVE-2026-7968",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7968"
},
{
"name": "CVE-2026-7952",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7952"
},
{
"name": "CVE-2026-7926",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7926"
},
{
"name": "CVE-2026-7997",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7997"
},
{
"name": "CVE-2026-8013",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8013"
},
{
"name": "CVE-2026-7974",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7974"
},
{
"name": "CVE-2026-7908",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7908"
},
{
"name": "CVE-2026-8007",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8007"
},
{
"name": "CVE-2026-8015",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8015"
},
{
"name": "CVE-2026-7959",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7959"
},
{
"name": "CVE-2026-7986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7986"
},
{
"name": "CVE-2026-8001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8001"
},
{
"name": "CVE-2026-7958",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7958"
},
{
"name": "CVE-2026-7903",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7903"
},
{
"name": "CVE-2026-7957",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7957"
},
{
"name": "CVE-2026-7914",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7914"
},
{
"name": "CVE-2026-7973",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7973"
},
{
"name": "CVE-2026-8022",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8022"
},
{
"name": "CVE-2026-7940",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7940"
},
{
"name": "CVE-2026-7995",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7995"
},
{
"name": "CVE-2026-7936",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7936"
},
{
"name": "CVE-2026-7990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7990"
},
{
"name": "CVE-2026-7966",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7966"
},
{
"name": "CVE-2026-8017",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8017"
},
{
"name": "CVE-2026-7932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7932"
},
{
"name": "CVE-2026-7907",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7907"
},
{
"name": "CVE-2026-7935",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7935"
},
{
"name": "CVE-2026-8005",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8005"
},
{
"name": "CVE-2026-7985",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7985"
},
{
"name": "CVE-2026-7934",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7934"
},
{
"name": "CVE-2026-7971",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7971"
},
{
"name": "CVE-2026-7951",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7951"
},
{
"name": "CVE-2026-7922",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7922"
},
{
"name": "CVE-2026-7988",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7988"
},
{
"name": "CVE-2026-8004",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8004"
},
{
"name": "CVE-2026-7969",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7969"
},
{
"name": "CVE-2026-7896",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7896"
},
{
"name": "CVE-2026-7996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7996"
},
{
"name": "CVE-2026-7976",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7976"
},
{
"name": "CVE-2026-8006",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8006"
},
{
"name": "CVE-2026-7945",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7945"
},
{
"name": "CVE-2026-8019",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8019"
},
{
"name": "CVE-2026-7948",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7948"
},
{
"name": "CVE-2026-7901",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7901"
},
{
"name": "CVE-2026-7982",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7982"
},
{
"name": "CVE-2026-7956",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7956"
},
{
"name": "CVE-2026-7929",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7929"
},
{
"name": "CVE-2026-7900",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7900"
},
{
"name": "CVE-2026-7972",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7972"
},
{
"name": "CVE-2026-7980",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7980"
},
{
"name": "CVE-2026-7902",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7902"
},
{
"name": "CVE-2026-7916",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7916"
},
{
"name": "CVE-2026-7992",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7992"
},
{
"name": "CVE-2026-7950",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7950"
},
{
"name": "CVE-2026-7960",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7960"
},
{
"name": "CVE-2026-8021",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8021"
},
{
"name": "CVE-2026-7981",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7981"
},
{
"name": "CVE-2026-8010",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8010"
},
{
"name": "CVE-2026-7989",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7989"
},
{
"name": "CVE-2026-7917",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7917"
},
{
"name": "CVE-2026-7937",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7937"
},
{
"name": "CVE-2026-7920",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7920"
},
{
"name": "CVE-2026-7961",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7961"
},
{
"name": "CVE-2026-7999",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7999"
},
{
"name": "CVE-2026-7946",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7946"
},
{
"name": "CVE-2026-7949",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7949"
},
{
"name": "CVE-2026-7984",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7984"
},
{
"name": "CVE-2026-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7962"
},
{
"name": "CVE-2026-7977",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7977"
},
{
"name": "CVE-2026-7904",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7904"
},
{
"name": "CVE-2026-8011",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8011"
},
{
"name": "CVE-2026-7943",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7943"
},
{
"name": "CVE-2026-7965",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7965"
},
{
"name": "CVE-2026-7994",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7994"
},
{
"name": "CVE-2026-7983",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7983"
},
{
"name": "CVE-2026-7991",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7991"
},
{
"name": "CVE-2026-7953",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7953"
},
{
"name": "CVE-2026-7909",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7909"
},
{
"name": "CVE-2026-8018",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8018"
},
{
"name": "CVE-2026-7955",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7955"
},
{
"name": "CVE-2026-8003",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8003"
},
{
"name": "CVE-2026-8000",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8000"
},
{
"name": "CVE-2026-7979",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7979"
},
{
"name": "CVE-2026-7942",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7942"
},
{
"name": "CVE-2026-8012",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8012"
},
{
"name": "CVE-2026-7944",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7944"
},
{
"name": "CVE-2026-7998",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7998"
},
{
"name": "CVE-2026-8008",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8008"
},
{
"name": "CVE-2026-7964",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7964"
},
{
"name": "CVE-2026-7919",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7919"
},
{
"name": "CVE-2026-7910",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7910"
},
{
"name": "CVE-2026-7967",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7967"
},
{
"name": "CVE-2026-7923",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7923"
},
{
"name": "CVE-2026-7947",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7947"
},
{
"name": "CVE-2026-8016",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8016"
},
{
"name": "CVE-2026-8002",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8002"
},
{
"name": "CVE-2026-7938",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7938"
},
{
"name": "CVE-2026-7921",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7921"
},
{
"name": "CVE-2026-7978",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7978"
},
{
"name": "CVE-2026-7954",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7954"
},
{
"name": "CVE-2026-7975",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7975"
},
{
"name": "CVE-2026-7925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7925"
},
{
"name": "CVE-2026-7918",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7918"
},
{
"name": "CVE-2026-7924",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7924"
},
{
"name": "CVE-2026-7963",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7963"
},
{
"name": "CVE-2026-7906",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7906"
},
{
"name": "CVE-2026-7987",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7987"
},
{
"name": "CVE-2026-7898",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7898"
},
{
"name": "CVE-2026-7930",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7930"
},
{
"name": "CVE-2026-7911",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7911"
},
{
"name": "CVE-2026-8009",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8009"
},
{
"name": "CVE-2026-7899",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7899"
},
{
"name": "CVE-2026-7939",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7939"
},
{
"name": "CVE-2026-7927",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7927"
},
{
"name": "CVE-2026-7933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7933"
}
],
"initial_release_date": "2026-05-11T00:00:00",
"last_revision_date": "2026-05-11T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0557",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-05-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Edge. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Edge",
"vendor_advisories": [
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7940",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7940"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7991",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7991"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7962",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7962"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7898",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7898"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8021",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8021"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7951",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7951"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7978",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7978"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7945",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7945"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7985",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7985"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8018",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8018"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7994",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7994"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8008",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8008"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7977",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7977"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7950",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7950"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7899",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7899"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8009",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8009"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7934",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7934"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7929",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7929"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8016",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8016"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7966",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7966"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8010",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8010"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8003",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8003"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7935",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7935"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8006",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8006"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7957",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7957"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7938",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7938"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8022",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8022"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7968",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7968"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7976",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7976"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7937",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7937"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7903",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7903"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7961",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7961"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7919",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7919"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7989",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7989"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7995",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7995"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7996",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7996"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7896",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7896"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7921",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7921"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7997",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7997"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8000",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8000"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7954",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7954"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7967",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7967"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7979",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7979"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8013",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8013"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7916",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7916"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7955",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7955"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7947",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7947"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7933",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7933"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7911",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7911"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7986",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7986"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7953",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7953"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7936",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7936"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7926",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7926"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7928",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7928"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7920",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7920"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7959",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7959"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7963",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7963"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7917",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7917"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7983",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7983"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7918",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7918"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7944",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7944"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7990",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7990"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8017",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8017"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7942",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7942"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7900",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7900"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7965",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7965"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7904",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7904"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7960",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7960"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7972",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7972"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7980",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7980"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8012",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8012"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7984",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7984"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7923",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7923"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7909",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7909"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7988",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7988"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7973",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7973"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7946",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7946"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7910",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7910"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7970",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7970"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7914",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7914"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8011",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8011"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8007",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8007"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8019",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8019"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7927",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7927"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7925",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7925"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7939",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7939"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7906",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7906"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7924",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7924"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7981",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7981"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8014",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8014"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7956",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7956"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7982",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7982"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7932",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7932"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7922",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7922"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7952",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7952"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7958",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7958"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7975",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7975"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7907",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7907"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8005",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8005"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7969",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7969"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7964",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7964"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7971",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7971"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7930",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7930"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7902",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7902"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7999",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7999"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8001",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8001"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8015",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8015"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7948",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7948"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8004",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8004"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7949",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7949"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7943",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7943"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7908",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7908"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7998",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7998"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7974",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7974"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-8002",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8002"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7992",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7992"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7987",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7987"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-7901",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7901"
}
]
}
FKIE_CVE-2026-8006
Vulnerability from fkie_nvd - Published: 2026-05-06 19:16 - Updated: 2026-06-17 11:03
Severity ?
Summary
Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)
References
| URL | Tags | ||
|---|---|---|---|
| chrome-cve-admin@google.com | https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html | Release Notes, Vendor Advisory | |
| chrome-cve-admin@google.com | https://issues.chromium.org/issues/496373088 | Permissions Required |
{
"affected": [
{
"affectedData": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "148.0.7778.96",
"status": "affected",
"version": "148.0.7778.96",
"versionType": "custom"
}
]
}
],
"source": "chrome-cve-admin@google.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E9416A8-4333-4195-983C-78F521AF6245",
"versionEndExcluding": "148.0.7778.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)"
}
],
"id": "CVE-2026-8006",
"lastModified": "2026-06-17T11:03:20.527",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-8006",
"options": [
{
"exploitation": "none"
},
{
"automatable": "no"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-06T21:20:20.326378Z",
"version": "2.0.3"
}
}
]
},
"published": "2026-05-06T19:16:51.580",
"references": [
{
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"
},
{
"source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
],
"url": "https://issues.chromium.org/issues/496373088"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-451"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
GHSA-J778-M57F-8X3J
Vulnerability from github – Published: 2026-05-06 21:31 – Updated: 2026-05-07 01:05
VLAI?
Details
Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)
Severity ?
5.4 (Medium)
{
"affected": [],
"aliases": [
"CVE-2026-8006"
],
"database_specific": {
"cwe_ids": [
"CWE-451"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-06T19:16:51Z",
"severity": "MODERATE"
},
"details": "Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)",
"id": "GHSA-j778-m57f-8x3j",
"modified": "2026-05-07T01:05:54Z",
"published": "2026-05-06T21:31:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8006"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"
},
{
"type": "WEB",
"url": "https://issues.chromium.org/issues/496373088"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…