Google Chrome: Malicious HTML Can Execute Code on Your Computer

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Google Chrome: Malicious HTML Can Execute Code on Your Computer

CVE-2026-5858

Summary

A security issue in Google Chrome can allow a hacker to run malicious code on your computer if you visit a specially crafted webpage. This means your computer could be taken over and your data stolen. Update to the latest version of Google Chrome to fix this issue.

Original title

Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

Original description

Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

Vulnerability type

CWE-122 Heap-based Buffer Overflow

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop....
https://issues.chromium.org/issues/493319454

Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026