LeakyCreds
NewInstant webhook alerts now available ā€” notified within seconds of any credential detection.Learn more ā†’
Home / Vulnerability Intelligence / CVE-2026-4451

CVE-2026-4451 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 20, 2026

Google Chrome - Sandbox Escape

Published: March 20, 2026Updated: March 20, 2026Remote Exploitable

Overview

Google Chrome < 146.0.7680.153 contains a sandbox escape vulnerability caused by insufficient validation of untrusted input in Navigation, letting remote attackers with compromised renderer process escape sandbox, exploit requires compromised renderer process.

Severity & Score

Severity: High
CVSS Score: 8.8
EPSS Score: 9.9%(Probability of exploitation in next 30 days)

Impact

Attackers with compromised renderer process can escape sandbox, potentially gaining higher privileges on the system.

Mitigation

Update to version 146.0.7680.153 or later.

References

Social Media Activity(1 post)

TheHackerWire
TheHackerWire
@thehackerwire
Mar 22, 2026

šŸŸ  CVE-2026-4451 - High (8.8) Insufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium securit... šŸ”— https://www.thehackerwire.com/vulnerability/CVE-2026-4451/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID
CVE-2026-4451
Severity
High
CVSS Score
8.8
Type
undefined
Status
confirmed
EPSS
9.9%
Social Posts
1

CWE

  • CWE-20

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

9.9%Probability of exploitation in the next 30 days