Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.5
Google Chrome: Compromised Browser Session Escalation Risk
CVE-2026-3924
Summary
A security issue in older versions of Google Chrome could allow an attacker who has already taken control of the browser to break out of the security sandbox and gain more access. This could lead to further malicious activities. Update to the latest version of Google Chrome to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| chrome | <= 146.0.7680.71 | – |
Original title
use after free in WindowDialog in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML ...
Original description
use after free in WindowDialog in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Vulnerability type
CWE-416
Use After Free
Published: 11 Mar 2026 · Updated: 14 Mar 2026 · First seen: 11 Mar 2026