【Vulnerability Alert】 Chromium-based Browsers Contain 21 High-Risk Security Vulnerabilities; Please Confirm and Apply the Patch as Soon as Possible
Source: Ministry of education information & communication security contingency platform
"" "" ""
| Publication Number | TACERT-ANA-2026040901043636 | Publication Time | 2026/04/09 13:08 |
| Incident Type | ANA-Vulnerability Alert | Discovery Time | 2026/04/09 13:08 |
| Impact Level | Medium | ||
| [Subject] 【Vulnerability Alert】 Chromium-based Browsers Contain 21 High-Risk Security Vulnerabilities; Please Confirm and Apply the Patch as Soon as Possible |
|||
| [Content] Forwarded from the National Institute of Cyber Security NISAC-200-202604-00000003 Researchers have discovered that Chromium-based browsers, including Google Chrome, Microsoft Edge, Vivaldi, Brave, and Opera, contain 21 high-risk security vulnerabilities (CVE-2026-5272 to CVE-2026-5292). The vulnerability types include Buffer Overflow and Use After Free. In the most serious cases, an unauthenticated remote attacker can exploit a specially crafted HTML page to escape the browser sandbox environment and execute arbitrary code. Among them, CVE-2026-5281 has already been exploited by attackers. Please confirm and apply the patch as soon as possible. (Information Sharing Level: WHITE (Information content can be publicly disclosed) |
|||
| [Affected Platform] Google Chrome versions earlier than 146.0.7680.177 (excluding 146.0.7680.177) Microsoft Edge versions earlier than 146.0.3856.97 (excluding 146.0.3856.97) Vivaldi versions earlier than 7.9.3970.47 (excluding 7.9.3970.47) Brave versions earlier than 1.88.138 (excluding 1.88.138) Opera versions earlier than 129.0.5823.65 (excluding 129.0.5823.65) |
|||
| [Recommended Actions]
1. Please update Google Chrome to version 146.0.7680.178 or later (inclusive). https://support.google.com/chrome/answer/95414?hl=zh-Hant 2. Please update Microsoft Edge to version 146.0.3856.97 or later (inclusive). https://support.microsoft.com/zh-tw/topic/microsoft-edge-%E6%9B%B4%E6%96%B0%E8%A8%AD%E5%AE%9A-af8aaca2-1b69-4870-94fe-18822dbb7ef1 3. Please update Vivaldi to version 7.9.3970.47 or later (inclusive). https://help.vivaldi.com/desktop/install-update/update-vivaldi/ 4. Please update Brave to version 1.88138 or later (inclusive). https://community.brave.com/t/how-to-update-brave/384780 5. Please update Opera to version 129.0.5823.65 or later (inclusive). https://help.opera.com/en/latest/crashes-and-issues/#updateBrowser |
|||
| [Reference] 1. https://support.google.com/chrome/answer/95414?hl=zh-Hant 2. https://support.microsoft.com/zh-tw/topic/microsoft-edge-%E6%9B%B4%E6%96%B0%E8%A8%AD%E5%AE%9A-af8aaca2-1b69-4870-94fe-18822dbb7ef1 3. https://help.vivaldi.com/desktop/install-update/update-vivaldi/ 4. https://community.brave.com/t/how-to-update-brave/384780 5. https://help.opera.com/en/latest/crashes-and-issues/#updateBrowser 6. https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html 7. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5281 8. https://vivaldi.com/blog/desktop/minor-update-four-7-9/ 9. https://brave.com/latest/ 10. https://blogs.opera.com/security/2026/04/update-your-browser-security-fix-for-chrome-zero-day-cve-2026-5281/ |
|||
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw