Insufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Chrome | affected |
|
No data.
No data.
No data.
Subscriptions
No data.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Fri, 20 Mar 2026 02:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Insufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |
| Weaknesses | CWE-20 | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: Chrome
Published:
Updated: 2026-03-20T01:34:50.952Z
Reserved: 2026-03-19T20:23:51.121Z
Link: CVE-2026-4451
Vulnrichment
No data.
NVD
Status : Received
Published: 2026-03-20T02:16:38.063
Modified: 2026-03-20T02:16:38.063
Link: CVE-2026-4451
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses