CVE-2026-5919

• Google/Chrome

  cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

  Range: <147.0.7727.55

No patches discovered yet.

AI mechanics synthesis has not run for this CVE yet.

• chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.htmlnvdRelease NotesVendor Advisory
• issues.chromium.org/issues/483423893nvdPermissions Required

• SHub macOS infostealer variant spoofs Apple security updates
  BleepingComputer · May 18, 2026
• ⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More
  The Hacker News · May 18, 2026
• SHub Reaper | macOS Stealer Spoofs Apple, Google, and Microsoft in a Single Attack Chain
  SentinelOne Labs · May 18, 2026
• Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
  The Hacker News · May 18, 2026
• Microsoft is changing Edge’s plaintext password behavior
  Malwarebytes Labs · May 18, 2026
• PoC Code Published for Critical NGINX Vulnerability
  SecurityWeek · May 16, 2026
• In Other News: Big Tech vs Canada Encryption Bill, Cisco’s Free AI Security Spec, Audi App Flaws
  SecurityWeek · May 15, 2026
• Microsoft backpedals: Edge to stop loading passwords into memory
  BleepingComputer · May 15, 2026
• Chrome 148 Update Patches Critical Vulnerabilities
  SecurityWeek · May 15, 2026
• Google Launches Android Spyware Forensics Tool for High-Risk Users
  Infosecurity Magazine · May 14, 2026
• Iranian hackers targeted major South Korean electronics maker
  BleepingComputer · May 13, 2026
• Microsoft, Palo Alto Networks Find Many Vulnerabilities by Using AI on Their Own Code
  SecurityWeek · May 13, 2026
• Browser Run: now running on Cloudflare Containers, it’s faster and more scalable
  Cloudflare Blog · May 13, 2026
• Microsoft on pace to break annual vulnerability record as AI-driven patch wave takes hold
  The Record · May 13, 2026
• Android Adds Intrusion Logging for Sophisticated Spyware Forensics
  The Hacker News · May 13, 2026
• Risky Business #837 -- GitHub Actions footgun claims TanStack
  Risky Business · May 13, 2026
• Android pushes new scam, theft, and AI protections in 2026 update wave
  Help Net Security · May 13, 2026
• Patch Tuesday, May 2026 Edition
  Krebs on Security · May 12, 2026
• Android 17 to expand banking scam call and privacy protections
  BleepingComputer · May 12, 2026
• Adobe Patches 52 Vulnerabilities in 10 Products
  SecurityWeek · May 12, 2026
• FCC Softens Ban on Foreign-Made Routers
  Dark Reading · May 11, 2026
• Cookie thieves caught stealing dev secrets via fake Claude Code installers
  The Register Security · May 11, 2026
• Fake Claude Code Page Pushes PowerShell Stealer at Devs
  Infosecurity Magazine · May 11, 2026
• Google Detects First AI-Generated Zero-Day Exploit
  SecurityWeek · May 11, 2026
• 11th May – Threat Intelligence Report
  Check Point Research · May 11, 2026
• ⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More
  The Hacker News · May 11, 2026
• A week in security (May 4 &#8211; May 10)
  Malwarebytes Labs · May 11, 2026
• Week in review: cPanel vulnerability actively exploited, DigiCert breach, LinkedIn job scams
  Help Net Security · May 10, 2026
• TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms
  The Hacker News · May 8, 2026
• Microsoft says Edge’s plaintext password behavior is “by design”
  Malwarebytes Labs · May 8, 2026
• Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover
  SecurityWeek · May 8, 2026
• ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories
  The Hacker News · May 7, 2026
• Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution
  Unit 42 · May 7, 2026
• VoidStealer Malware Darts Past Google Chrome's Encryption
  Dark Reading · May 6, 2026
• Google Chrome&#8217;s silent 4GB AI download problem [updated]
  Malwarebytes Labs · May 6, 2026
• Websites with an undefined trust level: avoiding the trap
  Securelist · May 6, 2026
• Attackers Actively Exploiting Critical Vulnerability in Breeze Cache Plugin
  Wordfence Blog · May 5, 2026
• Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk
  Dark Reading · May 5, 2026
• Cleartext Passwords in MS Edge&#x3f; In 2026&#x3f;, (Mon, May 4th)
  SANS Internet Storm Center · May 5, 2026
• Google to pay up to $1.5 million for zero-click Pixel Titan M exploits
  Help Net Security · May 5, 2026
• SSL.com rotates their root certificate today, (Tue, May 5th)
  SANS Internet Storm Center · May 5, 2026
• Google now offers up to $1.5 million for some Android exploits
  BleepingComputer · May 5, 2026
• CloudZ RAT potentially steals OTP messages using Pheno plugin
  Cisco Talos Intelligence · May 5, 2026
• Backdoored PyTorch Lightning package drops credential stealer
  BleepingComputer · May 4, 2026
• Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia
  Dark Reading · May 4, 2026
• ⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More
  The Hacker News · May 4, 2026
• 2026: The Year of AI-Assisted Attacks
  The Hacker News · May 4, 2026
• In Other News: Scattered Spider Hacker Arrested, SOC Effectiveness Metrics, NSA Tool Vulnerability
  SecurityWeek · May 1, 2026
• Google Adjusts Bug Bounties: Chrome Payouts Drop as Android Rewards Rise Amid AI Surge
  SecurityWeek · May 1, 2026
• Sophisticated Deep#Door Backdoor Enables Espionage, Disruption
  SecurityWeek · May 1, 2026