Copyright © 2012 Red Hat, Inc. All rights reserved. Moderate 2026-05-27T00:00:00 chromium-browser: Insufficient validation of untrusted input in USB 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CWE-1289

Insufficient validation of untrusted input in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium)

An insufficient validation of untrusted input flaw was found in the USB component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=497327715

Red Hat Product Security rates the severity of this flaw as determined by the Google Chrome Security Advisory. https://www.cve.org/CVERecord?id=CVE-2026-10021 https://nvd.nist.gov/vuln/detail/CVE-2026-10021 https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html https://issues.chromium.org/issues/497327715