VYPR
Medium severity4.3NVD Advisory· Published Apr 8, 2026· Updated Apr 13, 2026

CVE-2026-5887

CVE-2026-5887

Description

Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to bypass download restrictions via a crafted HTML page. (Chromium security severity: Medium)

Affected products

6

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.

CVE-2026-5887 · Medium · VYPR