Description
Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)
Published: 2026-04-15
Score: 8.8 High
EPSS: n/a
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A heap buffer overflow and out-of-bounds write exist in PDFium, the PDF rendering engine used by Google Chrome. A crafted PDF file can trigger memory corruption that allows a remote attacker to execute arbitrary code within the browser’s sandbox. The flaw is classified as a heap buffer overflow (CWE-122) and an out-of-bounds write (CWE-787). Code execution is initially confined to the sandbox; compromising the host system would require a subsequent sandbox escape.

Affected Systems

Google Chrome desktop versions prior to 147.0.7727.101 are affected. The vulnerability applies to all stable-channel builds that ship the vulnerable PDFium code.

Risk and Exploitability

The vulnerability has a CVSS score of 8.8, indicating high severity. No EPSS score is currently available, and it is not listed in the CISA KEV catalog. The most likely attack vector involves a remote attacker delivering a malicious PDF via email, web download, or other file transfer methods. Once a user opens the crafted PDF in Chrome, the flaw can be leveraged to gain arbitrary code execution that is initially confined to the sandbox; however, subsequent exploits could escape to the host. Given the severity and the ease of exploitation, this poses a significant risk to users who do not promptly update their browsers.

Generated by OpenCVE AI on April 16, 2026 at 02:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Google Chrome to version 147.0.7727.101 or later to remove the PDFium vulnerability
  • If an update cannot be applied immediately, disable the built‑in PDF viewer or use a third‑party PDF reader to prevent the exploit from being triggered
  • Verify that Chrome’s sandbox is enabled and has not been overridden by custom policies or extensions

Generated by OpenCVE AI on April 16, 2026 at 02:24 UTC.

Advisories

No advisories yet.

History

Thu, 16 Apr 2026 00:15:00 +0000

Type | Values Removed | Values Added
Title | | chromium-browser: Heap buffer overflow in PDFium
Weaknesses | | CWE-787
References | |
Metrics | threat_severity: None | threat_severity: Important


Wed, 15 Apr 2026 22:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Google, Google chrome
Vendors & Products | | Google, Google chrome

Wed, 15 Apr 2026 21:15:00 +0000

Type | Values Removed | Values Added
Metrics | | cvssV3_1: {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 15 Apr 2026 19:30:00 +0000

Type | Values Removed | Values Added
Description | | Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)
Weaknesses | | CWE-122
References | |

MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-04-16T03:56:17.490Z

Reserved: 2026-04-14T18:12:22.696Z

Link: CVE-2026-6305

Vulnrichment

Updated: 2026-04-15T20:24:28.159Z

NVD

Status: Received

Published: 2026-04-15T20:16:39.773

Modified: 2026-04-15T21:17:28.200

Link: CVE-2026-6305

Redhat

Severity: Important

Public Date: 2026-04-15T00:00:00Z

Links: CVE-2026-6305 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-16T02:30:21Z

Weaknesses