Description
Use after free in File Input in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
Published: 2026-06-04
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a use-after-free flaw in the File Input handling of Google Chrome on macOS. A remote attacker who convinces a user to perform specific UI gestures on a crafted HTML page could potentially escape the browser sandbox and execute code with higher privileges. The flawed code can be triggered after the browser reclaims memory, leading to execution of arbitrary code; the Chromium security severity is given as Medium.

Affected Systems

Google Chrome versions prior to 149.0.7827.53 on macOS are affected. The issue applies to all fleet installations of Chrome on macOS that have not been upgraded to at least that version.

Risk and Exploitability

No EPSS score is available and the vulnerability is not listed in CISA's KEV catalog, but the absence of these metrics does not diminish the potential impact. Exploitation requires a crafted HTML page, user interaction, and a vulnerable Chrome instance running on the victim's macOS device. A successful attack would let the attacker break sandbox confinement, enabling remote code execution with the privileges of the logged-in user.

Generated by OpenCVE AI on June 5, 2026 at 02:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Google Chrome to version 149.0.7827.53 or later on macOS.
  • Enable automatic updates to receive future security patches for Chrome and other Google software.
  • Verify that user education discourages interaction with untrusted web content and encourages safe browsing practices.


Advisories

No advisories yet.

History

Fri, 05 Jun 2026 02:45:00 +0000

Type | Values Removed | Values Added
Title | | Use-After-Free in Chrome File Input Allows Sandbox Escape via Crafted HTML on macOS

Thu, 04 Jun 2026 23:15:00 +0000

Type | Values Removed | Values Added
Description | | Use after free in File Input in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
Weaknesses | | CWE-416
References | |

MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-06-04T23:04:56.376Z

Reserved: 2026-06-04T17:06:50.188Z

Link: CVE-2026-11100

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-06-04T23:17:15.510

Modified: 2026-06-04T23:17:15.510

Link: CVE-2026-11100

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-05T02:30:29Z

Weaknesses