Home / Vulnerability Intelligence / CVE-2026-3540

CVE-2026-3540 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 5, 2026

Google Chrome - Out of Bounds Read/Write

Published: March 4, 2026Updated: March 5, 2026Remote Exploitable

Overview

Google Chrome < 145.0.7632.159 contains an out of bounds memory access vulnerability caused by inappropriate implementation in WebAudio, letting remote attackers execute out of bounds memory access via crafted HTML pages, exploit requires no special privileges.

Severity & Score

Severity: High

CVSS Score: 8.8

Impact

Remote attackers can perform out of bounds memory access, potentially leading to code execution or browser crash.

Mitigation

Update to version 145.0.7632.159 or later.

References

https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html
https://issues.chromium.org/issues/484088917

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-3540
Severity: High
CVSS Score: 8.8
Type: out_of_bounds_rw
Status: new

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H