Heap Buffer Overflow in Google Chrome by Google
CVE-2026-5272

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 1 April 2026

What is CVE-2026-5272?

A heap buffer overflow vulnerability exists in the GPU component of Google Chrome, which could be exploited by a remote attacker to execute arbitrary code. This can be triggered through a specially crafted HTML page, leading to potential compromise of the affected system. Users are urged to update to version 146.0.7680.178 or later to mitigate the risks associated with this vulnerability.

Affected Version(s)

Chrome 146.0.7680.178

References

https://chromereleases.googleblog.com/2026/03/stable-chan...

https://issues.chromium.org/issues/491732188

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 1, 2026
Vulnerability Reserved
Mar 31, 2026

CVE-2026-5272 Data

JSON