CVE-2026-0899
BaseFortify
Publication date: 2026-01-20
Last updated on: 2026-01-29
Assigner: Chrome
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| chrome | to 144.0.7559.59 (exc) | |
| linux | linux_kernel | * |
| microsoft | windows | * |
| chrome | to 144.0.7559.60 (exc) | |
| apple | macos | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
Update Google Chrome to version 144.0.7559.59 or later to fix the out of bounds memory access vulnerability in V8.
Can you explain this vulnerability to me?
This vulnerability is an out of bounds memory access issue in the V8 engine used by Google Chrome versions prior to 144.0.7559.59. It allows a remote attacker to potentially exploit object corruption by crafting a malicious HTML page.
How can this vulnerability impact me? :
The vulnerability could allow a remote attacker to corrupt objects in memory, which may lead to arbitrary code execution or other malicious behavior when a user visits a specially crafted HTML page.