VDB
CVE-2026-4459
CVE-2026-4459
PUBLISHED
CVSS 8.800000190734863 HIGH
Out of bounds read and write in WebAudio in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
EPSS 0.03% · 8.9th percentile
Risk Scores
CVSS v3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
0.03%
8.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| chrome | 0, 0, 0 | |
| Chrome | 146.0.7680.153, 146.0.7680.153, 146.0.7680.153 |
Timeline
- Mar 20, 2026 CVE Published
- Mar 20, 2026 EPSS Score
- Mar 21, 2026 EPSS Score
- Mar 21, 2026 Coalition ESS Score
- Mar 22, 2026 EPSS Score
- Mar 22, 2026 Coalition ESS Score
- Mar 22, 2026 PoC Published
- Mar 23, 2026 EPSS Score
- Mar 24, 2026 EPSS Score
- Mar 25, 2026 EPSS Score
- Mar 29, 2026 Security Advisory
- Apr 1, 2026 Security Advisory
References
- https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html advisory
- https://issues.chromium.org/issues/490246422 url
- https://nvd.nist.gov/vuln/detail/CVE-2026-4459 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32187 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4674 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4680 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4673 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4459 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4677 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4679 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4442 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4675 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4453 advisory