LeakyCreds
NewInstant webhook alerts now available ā€” notified within seconds of any credential detection.Learn more ā†’
Home / Vulnerability Intelligence / CVE-2026-4674

CVE-2026-4674 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 24, 2026

Google Chrome - Out of Bounds Read

Published: March 24, 2026Updated: March 24, 2026Remote Exploitable

Overview

Google Chrome < 146.0.7680.165 contains an out of bounds read caused by improper CSS handling, letting remote attackers perform out of bounds memory access via crafted HTML pages, exploit requires no special privileges.

Severity & Score

Severity: High
CVSS Score: 8.8
EPSS Score: 0.0%(Probability of exploitation in next 30 days)

Impact

Remote attackers can perform out of bounds memory access, potentially leading to information disclosure or application crash.

Mitigation

Update to version 146.0.7680.165 or later.

References

Social Media Activity(4 posts)

TheHackerWire
TheHackerWire
@thehackerwire
Mar 24, 2026

šŸŸ  CVE-2026-4674 - High (8.8) Out of bounds read in CSS in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) šŸ”— https://www.thehackerwire.com/vulnerability/CVE-2026-4674/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post
TheHackerWire
TheHackerWire
@thehackerwire
Mar 24, 2026

šŸŸ  CVE-2026-4674 - High (8.8) Out of bounds read in CSS in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) šŸ”— https://www.thehackerwire.com/vulnerability/CVE-2026-4674/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post
TheHackerWire
TheHackerWire
@thehackerwire
Mar 24, 2026

šŸŸ  CVE-2026-4674 - High (8.8) Out of bounds read in CSS in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) šŸ”— https://www.thehackerwire.com/vulnerability/CVE-2026-4674/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post
TheHackerWire
TheHackerWire
@thehackerwire
Mar 24, 2026

šŸŸ  CVE-2026-4674 - High (8.8) Out of bounds read in CSS in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) šŸ”— https://www.thehackerwire.com/vulnerability/CVE-2026-4674/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID
CVE-2026-4674
Severity
High
CVSS Score
8.8
Type
out_of_bounds_rw
Status
new
EPSS
0.0%
Social Posts
4

CWE

  • CWE-125

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

0.0%Probability of exploitation in the next 30 days