wid-sec-w-2026-0612 · Published 2026-03-04 · View on BSI CERT-Bund ↗

Google Chrome: Multiple Vulnerabilities

CVSS 9.6 CRITICAL

Risk Summary

Object lifecycle issue in PowerVR in Google Chrome on Android prior to 145.0.7632.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

CVEs (10)

CVE-2026-3536 CVE-2026-3537 CVE-2026-3538 CVE-2026-3539 CVE-2026-3540 CVE-2026-3541 CVE-2026-3542 CVE-2026-3543 CVE-2026-3544 CVE-2026-3545

Affected Vendors

Debian Fedora Google SUSE

Affected Products (4)

Google · Chrome <145.0.7632.159

Google · Chrome 145.0.7632.159

Google · Chrome <145.0.7632.160

Google · Chrome 145.0.7632.160

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more