Google Chrome: Malicious HTML can execute arbitrary code

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Google Chrome: Malicious HTML can execute arbitrary code

CVE-2026-5865

Summary

A security issue in older versions of Google Chrome could allow a hacker to run malicious code on your computer if you visit a specially crafted website. This could potentially give the hacker control of your computer. Update to the latest version of Chrome to fix this issue.

Original title

Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Original description

Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Vulnerability type

CWE-843 Type Confusion

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop....
https://issues.chromium.org/issues/491884710

Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026