Low severity3.1NVD Advisory· Published May 6, 2026· Updated May 7, 2026
CVE-2026-8017
CVE-2026-8017
Description
Side-channel information leakage in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.htmlnvdVendor AdvisoryRelease Notes
- issues.chromium.org/issues/497722578nvdPermissions Required
News mentions
8- Patch Tuesday - May 2026Rapid7 Blog · May 13, 2026
- Microsoft says Edge’s plaintext password behavior is “by design”Malwarebytes Labs · May 8, 2026
- Google Chrome’s silent 4GB AI download problem [updated]Malwarebytes Labs · May 6, 2026
- The Good, the Bad and the Ugly in Cybersecurity – Week 16SentinelOne Labs · Apr 17, 2026
- Patch Tuesday - April 2026Rapid7 Blog · Apr 14, 2026
- Patch Tuesday, April 2026 EditionKrebs on Security · Apr 14, 2026
- 6th April – Threat Intelligence ReportCheck Point Research · Apr 6, 2026
- The Good, the Bad and the Ugly in Cybersecurity – Week 14SentinelOne Labs · Apr 3, 2026