Back

Critical Vulnerabilities in Google Chrome Affecting iOS and Linux Users

Severity: High (Score: 72.9)

Sources: nvd.nist.gov

Summary

Two critical vulnerabilities, CVE-2026-7897 and CVE-2026-7898, were published on May 6, 2026. CVE-2026-7897 affects Google Chrome on iOS versions prior to 148.0.7778.96, allowing remote code execution through specific UI gestures on a crafted HTML page. CVE-2026-7898 impacts Google Chrome on Linux, enabling remote code execution via malicious network traffic. Both vulnerabilities are classified as critical by Chromium security standards, indicating a severe risk to users. The vulnerabilities could potentially be exploited by attackers to gain unauthorized access to systems. Users are urged to update their browsers to the latest version to mitigate risks. No specific exploitations have been reported yet, but the severity of these vulnerabilities necessitates immediate attention. Key Points: • CVE-2026-7897 affects Google Chrome on iOS, allowing remote code execution. • CVE-2026-7898 impacts Google Chrome on Linux, also enabling remote code execution. • Both vulnerabilities are classified as critical and require immediate updates.

Key Entities

  • Zero-day Exploit (attack_type)
  • CVE-2026-7897 (cve)
  • CVE-2026-7898 (cve)
  • Cwe-416 - Use After Free (cwe)
  • T1203 - Exploitation for Client Execution (mitre_attack)
  • Chromoting (platform)
  • IOS (platform)
  • Linux (platform)
  • Google Chrome (tool)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed