Description
Use after free in Core in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Published: 2026-06-04
Score: 8.3 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a use‑after‑free in the core component of Google Chrome on Android, affecting versions prior to 149.0.7827.53. The flaw can be triggered by a crafted HTML page. If an attacker can compromise the renderer process, they may use the freed memory to execute arbitrary code, effectively escaping the browser's sandbox and potentially gaining full system access. This corresponds to CWE‑416, a use‑after‑free weakness.

Affected Systems

Google Chrome for Android versions earlier than 149.0.7827.53 are susceptible. The issue is confined to the Android edition; other platforms or later releases are not affected. Devices running these versions and which allow arbitrary HTML to be loaded in the renderer process are at risk.

Risk and Exploitability

The flaw carries a high severity rating according to Chromium. The CVSS score is 8.3, indicating high severity. The EPSS score is not available, so the likelihood of exploitation cannot be quantified. The attack requires an attacker already able to run malicious code in the renderer process, typically by serving a crafted web page. A successful sandbox escape would give the attacker full control over the device, bypassing browser isolation. Because the vulnerability is not listed in CISA’s KEV catalog, there is no current evidence of widespread exploitation, but the high severity suggests urgency in applying the fix.

Generated by OpenCVE AI on June 5, 2026 at 05:43 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Google Chrome to at least version 149.0.7827.53 to remove the use‑after‑free flaw
  • Ensure the device OS and related security patches are current to limit potential avenues for an attacker to compromise the renderer process
  • Disable or limit the loading of untrusted content in Chrome, for example by configuring safe browsing or restricting extensions, as a temporary measure until the patch is applied

Generated by OpenCVE AI on June 5, 2026 at 05:43 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 05 Jun 2026 03:00:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Fri, 05 Jun 2026 02:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 05 Jun 2026 02:15:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in Chrome Android Core Enables Potential Sandbox Escape

Thu, 04 Jun 2026 23:15:00 +0000

Type Values Removed Values Added
Description Use after free in Core in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-416
References

Subscriptions

Google Chrome
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-06-05T01:39:07.319Z

Reserved: 2026-06-04T17:06:14.440Z

Link: CVE-2026-10953

cve-icon Vulnrichment

Updated: 2026-06-05T01:38:05.559Z

cve-icon NVD

Status : Received

Published: 2026-06-04T23:16:58.203

Modified: 2026-06-05T02:17:00.117

Link: CVE-2026-10953

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-05T02:45:29Z

Weaknesses