Chrome V8 RCE Remote via Crafted HTML (before 146.0.7680.153)
CVE-2026-4447 Published on March 20, 2026

Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

NVD

Products Associated with CVE-2026-4447

Want to know whenever a new CVE is published for Google Chrome? stack.watch will email you.

Google Chrome

Affected Versions

Google Chrome:

Version 146.0.7680.153 and below 146.0.7680.153 is affected.

Chrome V8 RCE Remote via Crafted HTML (before 146.0.7680.153)CVE-2026-4447 Published on March 20, 2026

Products Associated with CVE-2026-4447

Affected Versions

Chrome V8 RCE Remote via Crafted HTML (before 146.0.7680.153)
CVE-2026-4447 Published on March 20, 2026