Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Hig

Description

Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Affected Products

Vendor	Product	Versions
google	chrome	< 146.0.7680.153

References

https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html(Vendor Advisory, Release Notes)
https://issues.chromium.org/issues/487977696(Issue Tracking, Permissions Required)

Related News (1 articles)

Tier A

Microsoft MSRC4d ago

Chromium: CVE-2026-4452 Integer overflow in ANGLE

→ No new info (linked only)

CVSS 3.18.8 HIGH

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-472, CWE-190

Published3/20/2026

Last enriched2h agov3

Trending Score25

Source articles1

Independent1

Info Completeness10/14

Missing: epss, kev, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Pin to Dashboard

Verification

State: verified

Confidence: 100%

Version History

Last enriched 2h ago

v3Tier A2h ago

Updated vendor to Google, product to Chrome, and added fixed version number 146.0.7680.153.

vendorproductpatchAvailable

via Microsoft MSRC

v2Tier A9h ago

Updated vendor to Microsoft and product to Edge, and marked exploit availability and active exploitation as true.

vendorproductexploitAvailableactivelyExploited

via Microsoft MSRC

v110h ago

Initial creation