Out of Bounds Memory Read in Google Chrome WebAudio
CVE-2026-4677

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 24 March 2026

What is CVE-2026-4677?

A vulnerability in the WebAudio component of Google Chrome prior to version 146.0.7680.165 can be exploited by a remote attacker through a specially crafted HTML page. This could lead to an out of bounds memory read, potentially exposing sensitive information or causing application instability. Users are advised to update to the latest version of Chrome to mitigate this risk.

Affected Version(s)

Chrome 146.0.7680.165

References

https://chromereleases.googleblog.com/2026/03/stable-chan...

https://issues.chromium.org/issues/490533968

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 24, 2026
Vulnerability Reserved
Mar 23, 2026

CVE-2026-4677 Data

JSON