Google Chrome: Remote Code Execution via Malicious HTML Page

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Google Chrome: Remote Code Execution via Malicious HTML Page

CVE-2026-5861

Summary

A security issue in older versions of Google Chrome allows a hacker to execute code on your computer if you visit a malicious website. This could lead to unauthorized actions being taken on your system. Update to the latest version of Google Chrome to fix this issue.

Original title

Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Original description

Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Vulnerability type

CWE-416 Use After Free

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop....
https://issues.chromium.org/issues/486927780

Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026