CVE-2026-2648

Опубликовано: 18 фев. 2026

Источник: redhat

CVSS3: 8.8

EPSS Низкий

Описание

Heap buffer overflow in PDFium in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to perform an out of bounds memory write via a crafted PDF file. (Chromium security severity: High)

A heap buffer overflow flaw was found in the PDFium component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=477033835

Отчет

Red Hat Product Security rates the severity of this flaw as determined by the Google Chrome Security Advisory.

Ссылки на источники

Дополнительная информация

Статус:

Important

https://bugzilla.redhat.com/show_bug.cgi?id=2440791chromium-browser: Heap buffer overflow in PDFium

EPSS

Процентиль: 10%

0.00035

Низкий

8.8 High

CVSS3

Связанные уязвимости

CVE-2026-2648

CVSS3: 8.8

nvd

около 1 месяца назад

Heap buffer overflow in PDFium in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to perform an out of bounds memory write via a crafted PDF file. (Chromium security severity: High)

CVE-2026-2648

msrc

около 1 месяца назад

Chromium: CVE-2026-2648 Heap buffer overflow in PDFium

CVE-2026-2648

CVSS3: 8.8

debian

около 1 месяца назад

Heap buffer overflow in PDFium in Google Chrome prior to 145.0.7632.10 ...

GHSA-4g6v-jhwq-9xjj

CVSS3: 8.8

github

около 1 месяца назад

Heap buffer overflow in PDFium in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to perform an out of bounds memory write via a crafted PDF file. (Chromium security severity: High)

openSUSE-SU-2026:20258-1

suse-cvrf

около 1 месяца назад

Security update for chromium

EPSS

Процентиль: 10%

0.00035

Низкий

8.8 High

CVSS3