Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
Google Chrome Extensions can cause memory crashes with malicious plugins
CVE-2026-3539
Summary
Certain versions of Google Chrome's DevTools can be exploited by malicious extensions installed by tricking users into installing them. This can lead to the browser crashing or freezing. To protect your users, ensure you have the latest version of Google Chrome installed.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| chrome | <= 145.0.7632.159 | – |
Original title
Object lifecycle issue in DevTools in Google Chrome prior to 145.0.7632.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a cr...
Original description
Object lifecycle issue in DevTools in Google Chrome prior to 145.0.7632.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)
nvd CVSS3.1
8.8
Vulnerability type
CWE-1091
- https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.... Release Notes Vendor Advisory
- https://issues.chromium.org/issues/483853098 Issue Tracking Permissions Required
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026