Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
Google Chrome: Malicious Webpage Can Crash Browser
CVE-2026-3538
Summary
A security issue in Google Chrome's graphics rendering engine (Skia) can allow a malicious website to crash the browser or potentially steal sensitive information. This issue affects Google Chrome versions prior to 145.0.7632.159. To fix this issue, update Google Chrome to the latest version.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| chrome | <= 145.0.7632.159 | – |
Original title
Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: ...
Original description
Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)
nvd CVSS3.1
8.8
Vulnerability type
CWE-472
CWE-191
- https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.... Release Notes Vendor Advisory
- https://issues.chromium.org/issues/484983991 Issue Tracking Permissions Required
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026