Home / Vulnerability Intelligence / CVE-2026-7346

CVE-2026-7346 - Vulnerability Analysis

HighCVSS: 8.1

Last Updated: April 29, 2026

Google Chrome - Out of Bounds Read/Write

Published: April 28, 2026Updated: April 29, 2026Remote Exploitable

Overview

Google Chrome < 147.0.7727.138 contains an out of bounds memory access vulnerability caused by inappropriate implementation in Tint, letting remote attackers access memory out of bounds via crafted HTML pages, exploit requires crafted HTML page.

Severity & Score

Severity: High

CVSS Score: 8.1

Impact

Remote attackers can access memory out of bounds, potentially leading to information disclosure or application crash.

Mitigation

Update to version 147.0.7727.138 or later.

References

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_28.html
https://issues.chromium.org/issues/502206907

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-7346
Severity: High
CVSS Score: 8.1
Type: out_of_bounds_rw
Status: new

CWE

CWE-119

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N