Home / Vulnerability Intelligence / CVE-2026-4447

CVE-2026-4447 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 20, 2026

Google Chrome - Remote Code Execution

Published: March 20, 2026Updated: March 20, 2026Remote Exploitable

Overview

Google Chrome < 146.0.7680.153 contains a remote code execution caused by inappropriate implementation in V8 engine, letting remote attackers execute arbitrary code inside sandbox via crafted HTML page, exploit requires no special privileges.

Severity & Score

Severity: High

CVSS Score: 8.8

EPSS Score: 8.8%(Probability of exploitation in next 30 days)

Impact

Remote attackers can execute arbitrary code inside the sandbox, potentially compromising the browser environment.

Mitigation

Update to version 146.0.7680.153 or later.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 22, 2026

🟠 CVE-2026-4447 - High (8.8) Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4447/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-4447
Severity: High
CVSS Score: 8.8
Type: undefined
Status: confirmed
EPSS: 8.8%
Social Posts: 1

CWE

NVD-CWE-noinfo

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

8.8%Probability of exploitation in the next 30 days