Google Chrome: Malicious Website Can Execute Arbitrary Code

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Google Chrome: Malicious Website Can Execute Arbitrary Code

CVE-2026-5871

Summary

Malicious websites can trick Google Chrome into running unauthorized code, potentially stealing sensitive user information or taking control of the browser. Affected users should update to the latest version of Chrome to ensure they have the latest security patches. This update is available for all users.

Original title

Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Original description

Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Vulnerability type

CWE-843 Type Confusion

Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026