CVE-2026-3062

CRITICAL

Google Chrome <145.0.7632.116 - Memory Corruption

Title source: llm

Description

Out of bounds read and write in Tint in Google Chrome on Mac prior to 145.0.7632.116 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

Exploits (1)

nomisec

by z3r0h3ro · poc

https://github.com/z3r0h3ro/CVE-2026-3062-chain

View on nomisec

References (2)

[Release Notes, Vendor Advisory] https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_23.html

[Issue Tracking] https://issues.chromium.org/issues/483751167

Scores

CVSS v3 9.8

EPSS 0.0003

EPSS Percentile 7.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-787 CWE-125

Status published

Affected Products (1)

google/chrome < 145.0.7632.116

Timeline

Published Feb 23, 2026

Tracked Since Feb 24, 2026