{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-4678/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["cve-2026-4678","use-after-free","chrome","webgpu"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eCVE-2026-4678 is a use-after-free vulnerability impacting Google Chrome versions earlier than 146.0.7680.165. The vulnerability resides within the WebGPU component, a modern graphics API. An unauthenticated, remote attacker can exploit this flaw by enticing a user to open a specially crafted HTML page. Successful exploitation allows the attacker to execute arbitrary code inside the Chrome sandbox. The Chromium project rates this as a High severity issue due to the potential for arbitrary code…\u003c/p\u003e\n","date_modified":"2026-03-24T01:17:03Z","date_published":"2026-03-24T01:17:03Z","id":"/briefs/2026-03-chrome-webgpu-uaf/","summary":"A use-after-free vulnerability in Google Chrome's WebGPU component (CVE-2026-4678) allows a remote attacker to execute arbitrary code within a sandbox by crafting a malicious HTML page, affecting Chrome versions prior to 146.0.7680.165.","title":"Google Chrome WebGPU Use-After-Free Vulnerability (CVE-2026-4678)","url":"https://feed.craftedsignal.io/briefs/2026-03-chrome-webgpu-uaf/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-4678","version":"https://jsonfeed.org/version/1.1"}