{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-4680/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["critical"],"_cs_tags":["CVE-2026-4680","use-after-free","chrome","fedcm"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eA use-after-free vulnerability, identified as CVE-2026-4680, exists in the FedCM implementation of Google Chrome. This flaw affects versions prior to 146.0.7680.165. Exploitation is possible by a remote attacker who crafts a malicious HTML page. Successful exploitation allows for arbitrary code execution within the Chrome sandbox, potentially leading to further compromise. The Chromium security team has rated this vulnerability as High severity. This issue impacts users across Windows, Linux…\u003c/p\u003e\n","date_modified":"2026-03-24T01:17:03Z","date_published":"2026-03-24T01:17:03Z","id":"/briefs/2026-03-chrome-fedcm-uaf/","summary":"A use-after-free vulnerability in Google Chrome's FedCM component (CVE-2026-4680) allows a remote attacker to execute arbitrary code within a sandbox by exploiting a crafted HTML page.","title":"Google Chrome FedCM Use-After-Free Vulnerability (CVE-2026-4680)","url":"https://feed.craftedsignal.io/briefs/2026-03-chrome-fedcm-uaf/"}],"language":"en","title":"CraftedSignal Threat Feed — CVE-2026-4680","version":"https://jsonfeed.org/version/1.1"}