CVE-2026-3913

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 146.0.7680.71

Description A heap buffer overflow exists in the WebML component of Google Chrome. This issue allows a remote attacker to potentially exploit heap corruption through a crafted HTML page. The Chromium security severity is considered critical. There is no information available regarding the number of potentially affected devices worldwide or any real-world incidents where this issue was exploited. The vulnerability resides within the WebML component, specifically related to handling potentially malicious HTML content. The vulnerability can be triggered by visiting a specially crafted webpage.

Recommendations Update Google Chrome to version 146.0.7680.71 or later.