You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
tint out of bounds
About this tag
The tag 'tint out of bounds' refers to a specific high-severity Chrome vulnerability, CVE-2026-7346, disclosed on April 28, 2026. This bug resides in the Tint component, which handles graphics and WebGPU-adjacent operations in Chromium-based browsers. It allows a remote attacker to trigger out-of-bounds memory access via a crafted HTML page on desktop browsers. The vulnerability was fixed in Chrome version 147.0.7727.138. For Windows users and enterprise IT administrators, the primary mitigation is to update Chrome and any Chromium-based browsers to the patched build. This tag highlights that browser attack surfaces now extend beyond traditional JavaScript engines and media parsers into graphics plumbing.
Google published CVE-2026-7346 on April 28, 2026, as a high-severity Chrome vulnerability in Tint, fixed before version 147.0.7727.138, that could let a remote attacker trigger out-of-bounds memory access through a crafted HTML page on desktop browsers. The interesting part is not that Chrome...