You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2026 3918
About this tag
CVE-2026-3918 is a high-severity use-after-free vulnerability in the WebMCP component of Chromium, affecting both Google Chrome and Microsoft Edge. Discovered by researcher Syn4pse and awarded a $10,000 bounty, the flaw was patched in Chrome's March 2026 stable update. Because Edge shares Chromium's codebase, Microsoft advises treating the browser update as part of standard exposure reduction. Users and administrators should apply the latest browser patches immediately to mitigate the risk of exploitation. This tag covers discussion of the vulnerability, its impact on Windows browsers, and patching guidance for enterprise IT environments.
Chromium: CVE-2026-3918 Use after free in WebMCP is the latest reminder that browser security is no longer just about classic sandbox escapes or renderer bugs. In Chrome’s March 2026 stable update, Google assigned CVE-2026-3918 as a high-severity use-after-free flaw in WebMCP, with a bounty of...