CVE-2026-5909 is a vulnerability in Google Chrome
Published on April 8, 2026
Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)
Weakness Type
What is an Assumed-Immutable Parameter Tampering Vulnerability?
The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable, such as hidden form fields.
CVE-2026-5909 has been classified to as an Assumed-Immutable Parameter Tampering vulnerability or weakness.
Products Associated with CVE-2026-5909
Want to know whenever a new CVE is published for Google Chrome? stack.watch will email you.
Affected Versions
Google Chrome:- Version 147.0.7727.55 and below 147.0.7727.55 is affected.