Google Chrome Android: Malicious Web Page Can Crash App and Execute Code

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Google Chrome Android: Malicious Web Page Can Crash App and Execute Code

CVE-2026-5278

Summary

A security issue in Google Chrome for Android prior to version 146.0.7680.178 can be exploited by a malicious website to crash the app and potentially execute unauthorized code. This could allow an attacker to steal sensitive information or take control of the device. Update to the latest version of Google Chrome to fix this issue.

Original title

Use after free in Web MIDI in Google Chrome on Android prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Original description

Use after free in Web MIDI in Google Chrome on Android prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Vulnerability type

CWE-416 Use After Free

Published: 1 Apr 2026 · Updated: 1 Apr 2026 · First seen: 1 Apr 2026