CVE-2026-6361

ADVISORY - nist

Summary

Heap buffer overflow in PDFium in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-122⁠

Heap-based Buffer Overflow

ADVISORY - redhat

CWE-120⁠

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Impacted images

Advisories

NIST

CREATED

19 hours ago

UPDATED

5 hours ago

ADVISORY IDCVE-2026-6361⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

7.2high

Debian

CREATED

16 hours ago

UPDATED

3 hours ago

ADVISORY IDCVE-2026-6361⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Red Hat

CREATED

20 hours ago

UPDATED

2 hours ago

ADVISORY IDCVE-2026-6361⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

8.8high