CVE Watchtower β Back to CVE ListCVE-2026-2648NVDDescriptionHeap buffer overflow in PDFium in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to perform an out of bounds memory write via a crafted PDF file. (Chromium security severity: High)Severity LevelHIGH (8.8)Published Date18/02/2026Last Modified19/02/2026Exploitation Status????Referenceshttps://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_18.htmlhttps://issues.chromium.org/issues/477033835