VDB
CVE-2026-7905
CVE-2026-7905
PUBLISHED
CVSS 8.300000190734863 HIGH
Insufficient validation of untrusted input in Media in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
EPSS 0.10% · 27.0th percentile
Risk Scores
CVSS v3.1
8.300000190734863
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS Score
0.10%
27.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| chrome | 0 | |
| Chrome | 148.0.7778.96 |
Timeline
- May 6, 2026 CVE Published
- May 6, 2026 CVE Updated
- May 7, 2026 EPSS Score
- May 7, 2026 Security Advisory
- May 13, 2026 Security Advisory
- May 13, 2026 Security Advisory
- May 13, 2026 Security Advisory
- May 13, 2026 Security Advisory
- May 13, 2026 Security Advisory
- May 13, 2026 Security Advisory
- May 13, 2026 Security Advisory
- May 13, 2026 Security Advisory
References
- https://issues.chromium.org/issues/495259842 url
- https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html url
- https://nvd.nist.gov/vuln/detail/CVE-2026-7905 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7905 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35429 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7941 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7993 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42891 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8020 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7931 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41107 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7897 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7913 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7915 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42838 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7912 advisory