Google Chrome: Malicious HTML Can Execute Arbitrary Code

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Google Chrome: Malicious HTML Can Execute Arbitrary Code

CVE-2026-5279

Summary

Google Chrome prior to version 146.0.7680.178 has a security issue that can be exploited by a remote attacker to execute malicious code in a sandbox environment. This could result in unauthorized access to user data or system resources. Update to the latest version of Google Chrome to resolve this issue.

Original title

Object corruption in V8 in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Original description

Object corruption in V8 in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_...
https://issues.chromium.org/issues/490642836

Published: 1 Apr 2026 · Updated: 1 Apr 2026 · First seen: 1 Apr 2026