Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Google Chrome on Windows: Malicious Websites Can Bypass Download Restrictions
DEBIAN-CVE-2026-5887
Summary
If you use Google Chrome on a Windows computer, a security issue could allow a website to trick you into downloading files you shouldn't. This is a moderate risk that affects versions of Chrome prior to a certain update. To stay safe, make sure you're running the latest version of Chrome.
What to do
- Update debian chromium to version 147.0.7727.55-1~deb12u1.
- Update debian chromium to version 147.0.7727.55-1~deb13u1.
- Update debian chromium to version 147.0.7727.55-1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| debian | chromium | All versions | – |
| debian | chromium | <= 147.0.7727.55-1~deb12u1 | 147.0.7727.55-1~deb12u1 |
| debian | chromium | <= 147.0.7727.55-1~deb13u1 | 147.0.7727.55-1~deb13u1 |
| debian | chromium | <= 147.0.7727.55-1 | 147.0.7727.55-1 |
Original title
Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to bypass download restrictions via a crafted HTML page. (Chromi...
Original description
Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to bypass download restrictions via a crafted HTML page. (Chromium security severity: Medium)
- https://security-tracker.debian.org/tracker/CVE-2026-5887 Vendor Advisory
Published: 8 Apr 2026 · Updated: 12 Apr 2026 · First seen: 12 Apr 2026