Home / Vulnerability Intelligence / CVE-2026-3540

CVE-2026-3540 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 5, 2026

Google Chrome - Out of Bounds Read/Write

Published: March 4, 2026Updated: March 5, 2026Remote Exploitable

Overview

Google Chrome < 145.0.7632.159 contains an out of bounds memory access vulnerability caused by inappropriate implementation in WebAudio, letting remote attackers execute out of bounds memory access via crafted HTML pages, exploit requires no special privileges.

Severity & Score

Severity: High

CVSS Score: 8.8

EPSS Score: 6.8%(Probability of exploitation in next 30 days)

Impact

Remote attackers can perform out of bounds memory access, potentially leading to code execution or browser crash.

Mitigation

Update to version 145.0.7632.159 or later.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 5, 2026

🟠 CVE-2026-3540 - High (8.8) Inappropriate implementation in WebAudio in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3540/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-3540
Severity: High
CVSS Score: 8.8
Type: out_of_bounds_rw
Status: confirmed
EPSS: 6.8%
Social Posts: 1

CWE

CWE-125

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

6.8%Probability of exploitation in the next 30 days