CVE-2026-2648
Published: February 18th, 2026
Heap buffer overflow in PDFium in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to perform an out of bounds memory write via a crafted PDF file. (Chromium security severity: High)
Unknown
CVSS v2:
CVSS v2:
Status
| DocFilters Release | Package | State | Justification | Comment |
|---|---|---|---|---|
| 0.0.0.1 | pdfium (5060) | Needs Triage | ||
| 26.1 | pdfium (5060) | Needs Triage | ||
| 25.4 | pdfium (5060) | Needs Triage | ||
| 25.3 | pdfium (5060) | Needs Triage | ||
| 25.2 | pdfium (5060) | Needs Triage | ||
| 25.1.1 | pdfium (5060) | Needs Triage | ||
| 25.1 | pdfium (5060) | Needs Triage | ||
| 24.4 | pdfium (5060) | Needs Triage | ||
| 24.4.0 | pdfium (5060) | Needs Triage | ||
| 24.3 | pdfium (5060) | Needs Triage | ||
| 24.2.1 | pdfium (5060) | Needs Triage | ||
| 24.2 | pdfium (5060) | Needs Triage | ||
| 24.1 | pdfium (5060) | Needs Triage | ||
| 23.3 | pdfium (5060) | Needs Triage | ||
| 23.2.1 | pdfium (5060) | Needs Triage | ||
| 23.2 | pdfium (5060) | Needs Triage | ||
| 23.1 | pdfium (5060) | Needs Triage | ||
| 22.4 | pdfium (5060) | Needs Triage | ||
| 22.3 | pdfium (5060) | Needs Triage |