EUVD-2026-20740

| CVE-2026-5910 HIGH
2026-04-08 Chrome GHSA-g284-h8h3-hv83
8.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Patch Released
Apr 08, 2026 - 23:32 nvd
Patch available
Analysis Generated
Apr 08, 2026 - 22:01 vuln.today
EUVD ID Assigned
Apr 08, 2026 - 22:01 euvd
EUVD-2026-20740
CVE Published
Apr 08, 2026 - 21:21 nvd
HIGH 8.8

Tags

Google Buffer Overflow

Description

Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)

Analysis

Integer overflow in Google Chrome's media handling (versions prior to 147.0.7727.55) enables remote attackers to trigger heap corruption through specially crafted video files, achieving potential arbitrary code execution with high confidentiality, integrity, and availability impact. Attack requires user interaction to open malicious media content. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Remediation

Within 24 hours: Notify all users to update Chrome immediately to version 147.0.7727.55 or later via auto-update or manual installation. Within 7 days: Verify update deployment through endpoint management tools and confirm no systems remain on vulnerable versions. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

44
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +44
POC: 0

Share

EUVD-2026-20740 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy