# CVE-2026-4675

> Heap buffer overflow in WebGL in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out-of-bounds memory read via a crafted HTML page. The vulnerability resides in Chrome's WebGL graphics rendering component and was reported by the same pseudonymous researcher (_86ac1f1587b71893ed2ad792cd7dde32_) who discovered CVE-2026-5281 (Dawn WebGPU use-after-free zero-day under active exploitation) and CVE-2026-4676 (Dawn use-after-free with sandbox escape potential). This cluster of GPU-layer vulnerabilities suggests systematic fuzzing or targeted research into Chrome's graphi

- **CVSS:** 8.8 (HIGH)
- **EPSS:** 0.1%
- **CWE:** CWE-122, CWE-787

Canonical: https://intel.threadlinqs.com/cve/CVE-2026-4675
Full threat coverage + IOCs via the Threadlinqs MCP server (Purple tier): https://intel.threadlinqs.com/mcp