CVE-2026-3918

Google Chrome <146.0.7680.71 - Use After Free

Title source: llm

Description

Use after free in WebMCP in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

References (2)

[Release Notes, Vendor Advisory] https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html

[Issue Tracking] https://issues.chromium.org/issues/483853103

Scores

Classification

CWE

CWE-416

Status draft

Timeline

Published Mar 11, 2026

Tracked Since Mar 12, 2026