CVE-2026-5292 - Vulnerability Analysis
HighCVSS: 8.8Last Updated: April 1, 2026
Google Chrome - Out of Bounds Read
Overview
Google Chrome < 146.0.7680.178 contains an out of bounds read caused by improper memory handling in WebCodecs, letting remote attackers read out of bounds memory via crafted HTML pages, exploit requires no special privileges.
Severity & Score
Impact
Remote attackers can read out of bounds memory, potentially leaking sensitive information.
Mitigation
Update to version 146.0.7680.178 or later.
References
Social Media Activity(2 posts)
š CVE-2026-5292 - High (8.8) Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) š https://www.thehackerwire.com/vulnerability/CVE-2026-5292/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original post
š CVE-2026-5292 - High (8.8) Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) š https://www.thehackerwire.com/vulnerability/CVE-2026-5292/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-5292
- Severity
- High
- CVSS Score
- 8.8
- Type
- out_of_bounds_rw
- Status
- confirmed
- EPSS
- 3.2%
- Social Posts
- 2
CWE
- CWE-125
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H