Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.6
Google Chrome: Malicious Web Page Can Escape Browser
CVE-2026-3916
Summary
A security issue in older versions of Google Chrome allows a hacker to create a web page that could potentially break out of the browser's security sandbox, allowing them to access and manipulate system files. This could lead to serious security problems if you're using an affected version of the browser. Update to version 146.0.7680.71 or later to fix the issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| chrome | <= 146.0.7680.71 | – |
Original title
Out of bounds read in Web Speech in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Original description
Out of bounds read in Web Speech in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Vulnerability type
CWE-125
Out-of-bounds Read
Published: 11 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026