Use after free in Compositing in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-5290
NONE
EPSS 0.06%
Updated Apr 01, 2026
Google
CVE Details
CVE ID
CVE-2026-5290
Published Date
Apr 01, 2026
Vendor
Google
Severity
NONE
Exploit Prediction (EPSS)
Probability of Exploit
0.06%
Likelihood of exploitation in next 30 days
Percentile:
19.7th percentile (higher than 19.7% of all CVEs)
Standard patching cycle
Impact
Minimal impact
Source
View Advisory