ThreatCluster

Critical Vulnerabilities in Google Chrome Affecting iOS and Linux Users

First seen 7 May 2026, 11:13 UTC nvd.nist.govNvd.Nistcve.org 92% similarity 73

Article Content

Browse articles
ThreatCluster

Two critical vulnerabilities, CVE-2026-7897 and CVE-2026-7898, were published on May 6, 2026. CVE-2026-7897 affects Google Chrome on iOS versions prior to 148.0.7778.96, allowing remote code execution through specific UI gestures on a crafted HTML page. CVE-2026-7898 impacts Google Chrome on Linux, enabling remote code execution via malicious network traffic. Both vulnerabilities are classified as critical by Chromium security standards, indicating a severe risk to users. The vulnerabilities could potentially be exploited by attackers to gain unauthorized access to systems. Users are urged to update their browsers to the latest version to mitigate risks. No specific exploitations have been reported yet, but the severity of these vulnerabilities necessitates immediate attention.

Key Points: • CVE-2026-7897 affects Google Chrome on iOS, allowing remote code execution. • CVE-2026-7898 impacts Google Chrome on Linux, also enabling remote code execution. • Both vulnerabilities are classified as critical and require immediate updates.

ThreatCluster AI

Timeline

2026-05-06
CVE-2026-7897 published
A use-after-free vulnerability in Google Chrome on iOS was disclosed, allowing remote code execution.
nvd.nist.gov
2026-05-06
CVE-2026-7898 published
A use-after-free vulnerability in Chromoting on Linux was disclosed, enabling remote code execution.
nvd.nist.gov
2026-05-07
Security advisory issued
Users are advised to update Google Chrome to version 148.0.7778.96 or later to mitigate risks.
nvd.nist.gov

Community

Browse all →