CVE-2026-0902Use of Function with Inconsistent Implementations in Google Chrome

CWE-474Use of Function with Inconsistent Implementations9 documents9 sources
Severity
8.8HIGHNVD
EPSS
0.1%
top 71.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Google ChromeChromium
Timeline
PublishedJan 20
Latest updateFeb 27

Description

Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

CVEListV5google/chrome144.0.7559.59144.0.7559.59
NVDgoogle/chrome< 144.0.7559.59+1
Debianchromium/chromium< 144.0.7559.59-1~deb12u1+2

🔴Vulnerability Details

3
CVEList
CVE-2026-0902: Inappropriate implementation in V8 in Google Chrome prior to 1442026-01-20
OSV
CVE-2026-0902: Inappropriate implementation in V8 in Google Chrome prior to 1442026-01-20
GHSA
GHSA-7m49-7hpq-vmxj: Inappropriate implementation in V8 in Google Chrome prior to 1442026-01-20

📋Vendor Advisories

4
Chrome
Long Term Support Channel Update for ChromeOS: CVE-2026-09022026-02-27
Microsoft
Chromium: CVE-2026-0902 Inappropriate implementation in V82026-01-13
Red Hat
chromium-browser: Inappropriate implementation in V82026-01-13
Debian
CVE-2026-0902: chromium - Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allow...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-0902 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-0902 — Google Chrome vulnerability | cvebase