Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
Google Chrome: Heap Corruption via Malicious Web Page
CVE-2026-3923
Summary
A security issue in Google Chrome's WebMIDI feature could allow an attacker to corrupt system memory if a user visits a specially crafted website. This could potentially lead to crashes or other system instability. Update to the latest version of Google Chrome to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| chrome | <= 146.0.7680.71 | – |
Original title
Use after free in WebMIDI in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Original description
Use after free in WebMIDI in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Vulnerability type
CWE-416
Use After Free
Published: 11 Mar 2026 · Updated: 14 Mar 2026 · First seen: 11 Mar 2026