Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
Google Chrome: Heap Corruption via Malicious HTML Page
CVE-2026-3918
Summary
A security issue in Google Chrome allows hackers to potentially crash the browser or steal sensitive information by tricking a user into visiting a specially crafted web page. This issue affects Google Chrome versions prior to 146.0.7680.71. To stay safe, update to the latest version of Google Chrome.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| chrome | <= 146.0.7680.71 | – |
Original title
Use after free in WebMCP in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Original description
Use after free in WebMCP in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Vulnerability type
CWE-416
Use After Free
Published: 11 Mar 2026 · Updated: 14 Mar 2026 · First seen: 11 Mar 2026