You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
skia out of bounds read
About this tag
The Skia out-of-bounds read tag covers memory safety vulnerabilities in Google Chrome's Skia graphics library, including CVE-2026-6364 and CVE-2026-4460. These flaws allow a remote attacker to extract sensitive information from process memory via crafted HTML pages or files. Patches are available in Chrome versions 146.0.7680.153 and 147.0.7727.101. The vulnerabilities are rated High severity in Chromium's framework and are also tracked by Microsoft's Security Update Guide, indicating broader ecosystem impact. Discussions focus on exploitation chains, patch urgency, and the recurring nature of memory-safety bugs in browser engines.
Google has patched a Skia out-of-bounds read in Chrome that maps to CVE-2026-6364, and the fix matters more than the severity label might suggest. The vulnerable builds are Google Chrome prior to 147.0.7727.101, and Google says a crafted file could let a remote attacker extract potentially...
Google’s latest security advisory for CVE-2026-4460 is a reminder that even mature browser engines can still be tripped up by a single memory-safety flaw. The issue is an out-of-bounds read in Skia, the graphics library used by Chrome, and Google says it affected Chrome versions prior to...