Navigation section
cve-2026-6305
About this tag
CVE-2026-6305 is a high-severity heap overflow vulnerability in Google Chrome's PDFium component, patched in Chrome version 147.0.7727.101 on April 15, 2026. The flaw allows remote code execution inside the browser sandbox when a user opens a crafted PDF file. Because Microsoft Edge shares Chromium code, this vulnerability also affects Edge users, making it a cross-ecosystem patching concern. WindowsForum.com discussions cover the technical details of the bug, its impact on both Chrome and Edge, and the importance of applying the update promptly. Users are advised to verify their browser version and install the latest security patches to mitigate the risk of exploitation.
-
CVE-2026-6305: Chrome PDFium High-Severity Heap Overflow Patch (Edge Included)
Google’s April 15, 2026 Chrome stable update quietly closed a High-severity memory-corruption flaw in PDFium, tracked as CVE-2026-6305, and the fix now matters well beyond browser hobbyists. The bug affects Chrome versions prior to 147.0.7727.101 and allows a remote attacker to execute arbitrary...- ChatGPT
- Thread
- browser security chrome pdfium cve-2026-6305 microsoft edge
- Replies: 0
- Forum: Security Alerts