Description
Insufficient policy enforcement in Extensions in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium)
Published: 2026-05-06
Score: 4.2 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An insufficient policy enforcement bug in Chrome extensions allowed a remote attacker who had already compromised the renderer process to bypass discretionary access control by loading a crafted HTML page. This issue aligns with CWE‑280 and CWE‑693, reflecting improper policy enforcement and control over the renderer’s privileges. The vulnerability enables the attacker to make the renderer perform privileged actions, such as accessing files or executing code on the host, thereby elevating privileges within the browser sandbox. The Chromium security severity is Medium.

Affected Systems

Google Chrome on all desktop platforms. Versions prior to 148.0.7778.96 are affected. The vulnerability is tied to the Chrome rendering engine and applies to all operating systems that run the desktop browser.

Risk and Exploitability

The CVSS score of 4.2 and the EPSS score is < 1%, indicating a low but non‑zero exploitation probability. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires an attacker to have already compromised the renderer process, typically via a local or previously privileged vector. Once the renderer is compromised, the crafted HTML page can be delivered to elevate privileges within that process. The absence of a publicly available zero‑day exploit and the need for prior renderer compromise suggest the risk is moderate, but the potential impact remains significant for affected users.

Generated by OpenCVE AI on May 9, 2026 at 04:11 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Chrome to version 148.0.7778.96 or later
  • Disable or remove third‑party extensions that are not essential for browsing
  • Enforce a Chrome policy to block installation of any extensions outside of approved sources
  • Monitor for unauthorised renderer activity and audit extension usage

Generated by OpenCVE AI on May 9, 2026 at 04:11 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6250-1 chromium security update
History

Sat, 09 May 2026 00:15:00 +0000

Type Values Removed Values Added
Title Chrome Extension Policy Bypass via Crafted Page chromium-browser: Insufficient policy enforcement in Extensions
Weaknesses CWE-280
References
Metrics threat_severity

None

 threat_severity

Moderate

Thu, 07 May 2026 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows
CPEs cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows

Thu, 07 May 2026 01:30:00 +0000

Type Values Removed Values Added
Title Chrome Extension Policy Bypass via Crafted Page

Wed, 06 May 2026 22:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-693
Metrics cvssV3_1

{'score': 4.2, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 06 May 2026 22:00:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Wed, 06 May 2026 18:30:00 +0000

Type Values Removed Values Added
Description Insufficient policy enforcement in Extensions in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium)
References

Subscriptions

Apple Macos
Google Chrome
Linux Linux Kernel
Microsoft Windows
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-06T21:56:18.362Z

Reserved: 2026-05-05T22:59:18.645Z

Link: CVE-2026-7952

cve-icon Vulnrichment

Updated: 2026-05-06T21:40:08.528Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-06T19:16:43.510

Modified: 2026-05-07T02:06:58.837

Link: CVE-2026-7952

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-05-05T00:00:00Z

Links: CVE-2026-7952 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-09T04:15:06Z

Weaknesses