CVE-2026-5290 in Chrome信息

摘要 (英语)

Use after free in Compositing in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

负责

Chrome

预定

2026-03-31

披露

2026-04-01

状态

已确认

条目

VulDB provides additional information and datapoints for this CVE:

标识符	漏洞	CWE	可利用	对策	CVE
354604	Google Chrome Compositing 内存损坏	416	未定义	官方修复	CVE-2026-5290

描述

CPE

CWE

CVSS

漏洞利用

历史

差异

连接

威胁情报

API JSON

API XML

API CSV

来源

MITRE
NVD
CVE Details

◂ 上一步一览下一步 ▸