Description
Inappropriate implementation in Tint in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Published: 2026-04-28
Score: 8.1 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Google Chrome’s Tint rendering engine implements an inappropriate bounds check that can be triggered by a specially crafted HTML page. The flaw allows out-of-bounds memory access (CWE‑119, CWE‑131), which may enable an attacker to read or overwrite arbitrary memory on the client’s machine. The Chromium security team has rated this issue as high severity, indicating the potential for significant impact if the memory corruption is leveraged.

Affected Systems

This vulnerability is present in Google Chrome on all platforms where the Tint engine is used, affecting all versions prior to 147.0.7727.138. Administrators should ensure their Chrome installation is updated to at least 147.0.7727.138 or later to mitigate the defect.

Risk and Exploitability

Exploitability requires delivery of a crafted web page, making it a classic drive‑by attack scenario. The CVSS score of 8.1 reflects a high‑severity risk. The EPSS score of < 1% indicates that while exploitation is possible, the probability of real‑world attacks is low, and the vulnerability is currently not in CISA’s KEV catalog. If an attacker can exploit the out-of-bounds access, it could lead to remote code execution or other severe compromises.

Generated by OpenCVE AI on April 30, 2026 at 14:05 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Google Chrome to the most recent release that contains the Tint fix
  • Restart Chrome after applying the update to ensure the patched component is loaded
  • Consider disabling or restricting JavaScript execution in untrusted web pages until the patch is applied

Generated by OpenCVE AI on April 30, 2026 at 14:05 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6239-1 chromium security update
History

Thu, 30 Apr 2026 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows
CPEs cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows

Thu, 30 Apr 2026 05:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 30 Apr 2026 04:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-122

Wed, 29 Apr 2026 13:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-119
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

 cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N'}

Wed, 29 Apr 2026 12:15:00 +0000

Type Values Removed Values Added
Title Out‑of‑Bounds Memory Access in Chrome Tint Rendering Engine chromium-browser: Inappropriate implementation in Tint
Weaknesses CWE-131
References
Metrics threat_severity

None

 cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

threat_severity

Important

Wed, 29 Apr 2026 01:30:00 +0000

Type Values Removed Values Added
Title Out‑of‑Bounds Memory Access in Chrome Tint Rendering Engine
Weaknesses CWE-122

Wed, 29 Apr 2026 00:45:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Tue, 28 Apr 2026 23:00:00 +0000

Type Values Removed Values Added
Description Inappropriate implementation in Tint in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
References

Subscriptions

Apple Macos
Google Chrome
Linux Linux Kernel
Microsoft Windows
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-04-30T03:55:21.222Z

Reserved: 2026-04-28T20:02:40.077Z

Link: CVE-2026-7346

cve-icon Vulnrichment

Updated: 2026-04-29T12:48:55.647Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-28T23:16:22.190

Modified: 2026-04-30T18:28:04.463

Link: CVE-2026-7346

cve-icon Redhat

Severity : Important

Publid Date: 2026-04-28T00:00:00Z

Links: CVE-2026-7346 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-30T14:15:40Z

Weaknesses