Description
Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Published: 2026-05-28
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a use‑after‑free flaw in the Document Object Model of Google Chrome. By delivering a specially crafted HTML page, a remote attacker can cause the browser to execute code that has already been freed from memory. If successful, the attacker gains the ability to run arbitrary code inside the Chrome sandbox, potentially enabling further compromise of the host system.

Affected Systems

Google Chrome browsers whose build version is older than 148.0.7778.216 are affected. All installations of this product that use a prior build are vulnerable; the CVE does not specify any particular operating system or platform.

Risk and Exploitability

Chromium labels the flaw as high severity, reflected in a CVSS score of 8.8. The EPSS score indicates a very low but nonzero exploitation probability, and the vulnerability is not listed in CISA KEV. Based on the description, it is inferred that attackers can deliver malicious HTML via a remote connection, such as an email attachment or a compromised web page, making the attack vector remote. Because execution occurs within the sandbox, the potential damage depends on the sandbox configuration, but arbitrary code execution remains a high‑risk outcome.

Generated by OpenCVE AI on May 29, 2026 at 14:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Google Chrome to version 148.0.7778.216 or newer to obtain the fix.
  • Configure endpoints to receive automatic updates so that future patches are applied promptly.
  • Use web filtering or a content‑security policy to block or warn against untrusted HTML content until the patch is deployed, mitigating the risk of accidental execution.

Generated by OpenCVE AI on May 29, 2026 at 14:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 29 May 2026 12:15:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in Chrome DOM Enabling Arbitrary Code Execution via Crafted HTML chromium-browser: Use after free in DOM
Weaknesses CWE-825
References
Metrics threat_severity

None

 threat_severity

Important

Fri, 29 May 2026 11:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 29 May 2026 02:00:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Fri, 29 May 2026 00:45:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in Chrome DOM Enabling Arbitrary Code Execution via Crafted HTML

Thu, 28 May 2026 22:45:00 +0000

Type Values Removed Values Added
Description Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-416
References

Subscriptions

Google Chrome
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-30T03:55:21.390Z

Reserved: 2026-05-28T17:25:14.896Z

Link: CVE-2026-10016

cve-icon Vulnrichment

Updated: 2026-05-29T10:15:21.255Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-28T23:16:43.470

Modified: 2026-05-29T12:16:25.730

Link: CVE-2026-10016

cve-icon Redhat

Severity : Important

Publid Date: 2026-05-27T00:00:00Z

Links: CVE-2026-10016 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-29T15:00:17Z

Weaknesses