Google Chrome: Out-of-bounds memory read through crafted HTML page

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.8

Google Chrome: Out-of-bounds memory read through crafted HTML page

CVE-2026-4675

Summary

Google Chrome versions before 146.0.7680.165 have a weakness that could allow an attacker to access sensitive information by tricking a user into visiting a malicious webpage. This means that a hacker could potentially steal confidential data. To protect yourself, update your Google Chrome browser to the latest version.

Original title

Heap buffer overflow in WebGL in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

Original description

Heap buffer overflow in WebGL in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

Vulnerability type

CWE-122 Heap-based Buffer Overflow

Published: 24 Mar 2026 · Updated: 24 Mar 2026 · First seen: 24 Mar 2026