{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-7346", "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "state": "PUBLISHED", "assignerShortName": "Chrome", "dateReserved": "2026-04-28T20:02:40.077Z", "datePublished": "2026-04-28T22:36:05.971Z", "dateUpdated": "2026-04-28T22:36:05.971Z"}, "containers": {"cna": {"affected": [{"vendor": "Google", "product": "Chrome", "versions": [{"version": "147.0.7727.138", "status": "affected", "lessThan": "147.0.7727.138", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Inappropriate implementation in Tint in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Inappropriate implementation"}]}], "providerMetadata": {"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome", "dateUpdated": "2026-04-28T22:36:05.971Z"}, "references": [{"url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_28.html"}, {"url": "https://issues.chromium.org/issues/502206907"}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Inappropriate implementation in Tint in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)"}], "id": "CVE-2026-7346", "lastModified": "2026-04-28T23:16:22.190", "metrics": {}, "published": "2026-04-28T23:16:22.190", "references": [{"source": "chrome-cve-admin@google.com", "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_28.html"}, {"source": "chrome-cve-admin@google.com", "url": "https://issues.chromium.org/issues/502206907"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Received"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[147.0.7727.138,147.0.7727.138)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Chrome", "source": "cna", "vendor": "Google"}, "product": "chrome", "vendor": "google"}], "analysis": {"en": {"generated_at": "2026-04-29T01:04:55.962279+00:00", "value": {"mitigation_remediation": ["Upgrade Google Chrome to version 147.0.7727.138 or later", "Restart any instances of Chrome after the update to ensure the vulnerable component is unloaded", "Disable or limit JavaScript execution in untrusted web content until a patch is applied"], "summary": {"action": "Patch Now", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The flaw exists in Google Chrome versions released prior to 147.0.7727.138 on all supported operating systems. Users running Chrome 147.0.7727.137 or earlier are affected, regardless of platform.", "description_and_impact": "Chrome\u2019s Tint rendering engine contains an inappropriate bounds check that enables a remote attacker to trigger an out\u2011of\u2011bounds memory access via a specially crafted HTML page. This flaw can overwrite or read arbitrary memory, potentially allowing an attacker to execute arbitrary code on the client\u2019s machine. The vulnerability has been graded as a high\u2011severity issue by Chromium security teams.", "risk_and_exploitability": "The vulnerability is exploitable from a web page, making it a classic drive\u2011by attack vector. No EPSS score is available, but the high\u2011severity rating and lack of mitigation mean a motivated attacker could likely succeed against any user who opens the crafted page. The vulnerability is not currently listed in CISA\u2019s KEV catalog, but its potential for remote code execution warrants immediate attention."}}}}, "created": "2026-04-29T00:30:15.865308+00:00", "title": "Out\u2011of\u2011Bounds Memory Access in Chrome Tint Rendering Engine", "updated": "2026-04-29T01:15:44.707828+00:00", "vendors": ["google", "google$PRODUCT$chrome"], "weaknesses": ["CWE-122"]}