high advisory

Google Chrome Font Integer Overflow Vulnerability (CVE-2026-4679)

A remote attacker can perform an out-of-bounds memory write on Google Chrome by exploiting an integer overflow in the Fonts component via a crafted HTML page in versions prior to 146.0.7680.165.

CVE-2026-4679 is an integer overflow vulnerability affecting the Fonts component in Google Chrome versions prior to 146.0.7680.165. A remote attacker can exploit this vulnerability by crafting a malicious HTML page that, when rendered by a vulnerable Chrome browser, triggers an integer overflow condition, leading to an out-of-bounds memory write. This vulnerability exists because of insufficient validation when handling font data. Successful exploitation could lead to arbitrary code execution…

Detection coverage 2

Detect Chrome Font Integer Overflow Attempt

high

Detects potential attempts to exploit the Chrome font integer overflow vulnerability (CVE-2026-4679) by monitoring process creations that load font libraries after suspicious network activity.

sigma | tactics: execution | techniques: T1204.002 | sources: process_creation, windows

Detect Suspicious Font File Download

medium

Detects the download of font files from unusual sources, which could be indicative of an attempt to deliver a malicious font for exploitation.

sigma | tactics: initial_access | techniques: T1566.001 | sources: network_connection, windows
