Description
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Published: 2026-06-04
Score: 8.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A use‑after‑free vulnerability in the WebRTC component of Google Chrome allows a remote attacker to execute arbitrary code within the browser’s sandbox by serving a specially crafted HTML page. The flaw occurs when a freed memory object is accessed again, enabling the attacker to control execution flow inside the protected sandbox, thus potentially compromising the confidentiality, integrity and availability of the user’s system. The described problem carries a Chromium security severity of High.

Affected Systems

Google Chrome is affected in all releases prior to 149.0.7827.53. Users running version 149.0.7827.52 or earlier should be aware that any WebRTC traffic generated by a malicious web page could trigger the use‑after‑free exploit. The risk is confined to browsers that process the vulnerable WebRTC sandbox code.

Risk and Exploitability

No EPSS score is available, and the vulnerability is not listed in CISA’s Known Exploited Vulnerabilities catalog, but the nature of the flaw – remote code execution through a crafted HTML page – makes it attractive to attackers. If a user opens a malicious page that triggers the exploit, an attacker can take control of the browser process. Updating to a fixed release stops the vulnerability, while an attacker would need to exploit the older code path to succeed.

Generated by OpenCVE AI on June 5, 2026 at 03:08 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Google Chrome to the latest stable release (149.0.7827.53 or newer).
  • Disable WebRTC functionality by setting the chrome experimental flag ‑‑disable-webrtc or through group policy to prevent any WebRTC traffic from reaching the browser.
  • Ensure browsers are regularly updated and only allow trusted websites to access WebRTC features through content security policy configurations.

Generated by OpenCVE AI on June 5, 2026 at 03:08 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 05 Jun 2026 03:30:00 +0000

Type Values Removed Values Added
Title Use‑after‑free in WebRTC Enables Sandbox Escape in Chrome

Fri, 05 Jun 2026 02:45:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Fri, 05 Jun 2026 01:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 04 Jun 2026 23:15:00 +0000

Type Values Removed Values Added
Description Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-416
References

Subscriptions

Google Chrome
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-06-05T00:30:09.031Z

Reserved: 2026-06-04T17:06:20.016Z

Link: CVE-2026-10975

cve-icon Vulnrichment

Updated: 2026-06-05T00:25:36.413Z

cve-icon NVD

Status : Received

Published: 2026-06-04T23:17:00.730

Modified: 2026-06-05T02:17:02.793

Link: CVE-2026-10975

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-05T03:15:16Z

Weaknesses