Google Chrome prior to 147.0.7727.55: Remote Code Execution via Malicious Website

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Google Chrome prior to 147.0.7727.55: Remote Code Execution via Malicious Website

CVE-2026-5859

Summary

If you're using an outdated version of Google Chrome, a hacker could potentially trick your browser into crashing or allowing them to take control of your computer. This is a serious issue for anyone who uses Chrome, so it's essential to update to the latest version. You should install the latest patch as soon as possible to fix the vulnerability.

Original title

Integer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Original description

Integer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Vulnerability type

CWE-472

Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026