CVE-2026-4458 — Use After Free in Google Chrome
Severity
8.8HIGHNVD
EPSS
0.0%
top 91.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 20
Description
Use after free in Extensions in Google Chrome prior to 146.0.7680.153 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9
Affected Packages3 packages
🔴Vulnerability Details
3📋Vendor Advisories
4Debian▶
CVE-2026-4458: chromium - Use after free in Extensions in Google Chrome prior to 146.0.7680.153 allowed an...↗2026