Heap Buffer Overflow Vulnerability in Google Chrome's PDFium Component
CVE-2026-6306

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 15 April 2026

What is CVE-2026-6306?

A heap buffer overflow vulnerability in the PDFium component of Google Chrome prior to version 147.0.7727.101 allows attackers to exploit this weakness through specially crafted PDF files. When a user opens a malicious PDF, it can lead to potential arbitrary code execution within the browser's sandbox environment, posing significant risks to users' data security. It's crucial for users to upgrade to the latest version of Chrome to mitigate this threat and protect their systems from potential exploitation.

Affected Version(s)

Chrome 147.0.7727.101

References

https://chromereleases.googleblog.com/2026/04/stable-chan...

https://issues.chromium.org/issues/496907110

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 15, 2026
Vulnerability Reserved
Apr 14, 2026

CVE-2026-6306 Data

JSON