Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Google Chrome: Sandboxing Issue Allows Malicious HTML Attack
CVE-2026-5290
Summary
A security issue in older versions of Google Chrome allows an attacker who has already compromised a user's computer to potentially break out of a security sandbox and gain more control over the system. This could lead to further malicious activities. Update to the latest version of Google Chrome to fix this issue.
Original title
Use after free in Compositing in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML ...
Original description
Use after free in Compositing in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Vulnerability type
CWE-416
Use After Free
Published: 1 Apr 2026 · Updated: 1 Apr 2026 · First seen: 1 Apr 2026