Google Chrome: Malicious Web Page Can Escape Browser's Security Sandbox

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.8

Google Chrome: Malicious Web Page Can Escape Browser's Security Sandbox

CVE-2026-4676

Summary

An issue in older versions of Google Chrome allowed a malicious website to potentially break out of the browser's security sandbox. This could allow an attacker to access sensitive information or install malware on a user's computer. Update to the latest version of Google Chrome to fix this issue.

Original title

Use after free in Dawn in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Original description

Use after free in Dawn in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Vulnerability type

CWE-416 Use After Free

Published: 24 Mar 2026 · Updated: 24 Mar 2026 · First seen: 24 Mar 2026