Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2026-4458

Опубликовано: 20 мар. 2026
Источник: nvd
CVSS3: 8.8
EPSS Низкий

Описание

Use after free in Extensions in Google Chrome prior to 146.0.7680.153 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Версия до 146.0.7680.153 (исключая)

Одно из

cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 8%
0.00029
Низкий

8.8 High

CVSS3

Дефекты

CWE-416

Связанные уязвимости

ubuntu логотип

CVE-2026-4458

CVSS3: 8.8
ubuntu
21 день назад

Use after free in Extensions in Google Chrome prior to 146.0.7680.153 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)

redhat логотип

CVE-2026-4458

CVSS3: 9.6
redhat
23 дня назад

Use after free in Extensions in Google Chrome prior to 146.0.7680.153 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)

msrc логотип

CVE-2026-4458

msrc
18 дней назад

Chromium: CVE-2026-4458 Use after free in Extensions

debian логотип

CVE-2026-4458

CVSS3: 8.8
debian
21 день назад

Use after free in Extensions in Google Chrome prior to 146.0.7680.153 ...

github логотип

GHSA-fj38-hpf4-jxg7

CVSS3: 8.8
github
21 день назад

Use after free in Extensions in Google Chrome prior to 146.0.7680.153 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)

EPSS

Процентиль: 8%
0.00029
Низкий

8.8 High

CVSS3

Дефекты

CWE-416