Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Google Chrome on Windows: Malicious Sites Can Steal Sensitive Info
CVE-2026-5885
Summary
Google Chrome on Windows versions before 147.0.7727.55 can be tricked into revealing sensitive information from its own memory by a malicious website. This could potentially expose confidential data. Update to the latest version of Google Chrome to fix this issue.
Original title
Insufficient validation of untrusted input in WebML in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via ...
Original description
Insufficient validation of untrusted input in WebML in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Vulnerability type
CWE-20
Improper Input Validation
Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026