- 120/2026
- High
Google has released an updated version of Chrome 148.0.7778.96/97 for Windows and Mac, and 148.0.7778.96 for Linux
The addressed vulnerabilities could allow the attacker to perform denial-of-service attacks, bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, and gain access to the affected systems.
Sample of the addressed vulnerabilities:
1. Google Chrome V8 Out of Bounds Read and Write Vulnerability (CVE-2026-7899):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Gain Access
2. Google Chrome Insufficient Validation of Untrusted Input in Media Vulnerability (CVE-2026-7905):
- CVSS: 8.3
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Consequences: Security Bypass
Vulnerabilities
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.