Description
Use after free in Printing in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Published: 2026-06-04
Score: 8.3 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A use‑after‑free flaw in the printing subsystem of Google Chrome on Linux allows an attacker who has already compromised the renderer process to escape the browser’s sandbox. This can enable execution of arbitrary code on the host operating system, potentially granting full system control to the adversary. The weakness is a classic use after free, matching CWE‑416, and is flagged as Critical by Chromium’s own severity assessment.

Affected Systems

Google Chrome for Linux versions earlier than 149.0.7827.53 are affected. Any machine running those releases on a Linux desktop is vulnerable.

Risk and Exploitability

The vulnerability can be exploited by delivering a specially crafted HTML page that causes the renderer to free a memory region and then reference it again. While the current exploit requires compromise of the renderer process, the attack vector is effectively remote through malicious web content. No EPSS score is available, and the issue is not listed in the CISA KEV catalog. The CVSS score of 8.3 indicates high severity, so a successful exploit would have significant impact. Without early remediation the risk for an attacker is pronounced, especially in environments where users visit untrusted sites.

Generated by OpenCVE AI on June 5, 2026 at 05:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Chrome to version 149.0.7827.53 or later; the patch removes the use‑after‑free bug in the printing module.
  • Verify that the Chrome renderer sandbox remains enabled; by default it limits the impact of renderer compromises but disabling it would increase risk.
  • Disable or block the printing feature on unpatched systems to limit potential exploitation.

Generated by OpenCVE AI on June 5, 2026 at 05:25 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 05 Jun 2026 07:30:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Fri, 05 Jun 2026 03:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 05 Jun 2026 02:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H'}

Thu, 04 Jun 2026 23:15:00 +0000

Type Values Removed Values Added
Description Use after free in Printing in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Weaknesses CWE-416
References

Subscriptions

Google Chrome
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-06-05T01:44:11.149Z

Reserved: 2026-06-04T17:05:57.931Z

Link: CVE-2026-10894

cve-icon Vulnrichment

Updated: 2026-06-05T01:39:42.493Z

cve-icon NVD

Status : Received

Published: 2026-06-04T23:16:50.990

Modified: 2026-06-05T02:16:52.180

Link: CVE-2026-10894

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-05T07:15:20Z

Weaknesses