Webaudio — CraftedSignal Threat Feedhttps://feed.craftedsignal.io/tags/webaudio/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioWed, 25 Mar 2026 12:00:00 +0000Google Chrome WebAudio Heap Buffer Overflow Vulnerability (CVE-2026-4673)https://feed.craftedsignal.io/briefs/2026-03-chrome-webaudio-heap-overflow/Wed, 25 Mar 2026 12:00:00 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-chrome-webaudio-heap-overflow/A remote attacker can exploit a heap buffer overflow vulnerability (CVE-2026-4673) in Google Chrome's WebAudio component before version 146.0.7680.165 by crafting a malicious HTML page, potentially leading to an out-of-bounds memory write and arbitrary code execution.<p>CVE-2026-4673 is a heap buffer overflow vulnerability affecting the WebAudio component of Google Chrome. The vulnerability exists in versions prior to 146.0.7680.165. A remote attacker could exploit this vulnerability by crafting a malicious HTML page designed to trigger an out-of-bounds memory write. The Chromium security team has rated this vulnerability as High severity. Successful exploitation could allow an attacker to potentially execute arbitrary code within the context of the Chrome…</p> criticaladvisorycve-2026-4673chromewebaudioheap overflowcode executionGoogle Chrome WebAudio Out-of-Bounds Read Vulnerability (CVE-2026-4677)https://feed.craftedsignal.io/briefs/2026-03-chrome-webaudio-oob-read/Tue, 24 Mar 2026 01:17:03 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-chrome-webaudio-oob-read/A remote attacker can trigger an out-of-bounds memory read in Google Chrome's WebAudio implementation by crafting a malicious HTML page (CVE-2026-4677), affecting versions prior to 146.0.7680.165.<p>CVE-2026-4677 describes an out-of-bounds memory read vulnerability in the WebAudio component of Google Chrome. Successful exploitation of this vulnerability allows a remote attacker to potentially read sensitive information from the browser&rsquo;s memory. The vulnerability exists in Google Chrome versions prior to 146.0.7680.165. The attack involves crafting a malicious HTML page that, when opened in a vulnerable version of Chrome, triggers the out-of-bounds read in the WebAudio processing. The…</p> highadvisorycve-2026-4677chromewebaudioout-of-bounds read