Description
Use after free in WebMIDI in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
Published: 2026-06-04
Score: 9.6 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A use‑after‑free flaw in the WebMIDI implementation of Google Chrome on iOS affects all releases prior to 149.0.7827.53. The vulnerability is triggered by a crafted HTML page delivered over the network and could allow a remote attacker to escape the browser sandbox and execute code with the privileges of the user’s device. The weakness is classified as CWE-416.

Affected Systems

All users running Google Chrome on iOS with versions earlier than 149.0.7827.53 are affected. Only the iOS platform is listed; no other operating systems or browsers were reported.

Risk and Exploitability

The CVE has a CVSS score of 9.6, indicating high severity. The EPSS score is less than 1%, suggesting a low probability of exploitation currently. The vulnerability is not listed in CISA's KEV catalog, and attackers must craft a malicious page that targets the WebMIDI interface; the sandbox escape could then compromise the confidentiality, integrity, and availability of the infected device.

Generated by OpenCVE AI on June 5, 2026 at 19:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Google Chrome to version 149.0.7827.53 or later
  • Avoid visiting untrusted web pages that contain WebMIDI elements
  • If possible, disable the WebMIDI feature via Chrome flags or employ a content filter to block malicious content

Generated by OpenCVE AI on June 5, 2026 at 19:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6325-1 chromium security update
History

Tue, 09 Jun 2026 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple iphone Os
CPEs cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*
Vendors & Products Apple
Apple iphone Os

Tue, 09 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Title chromium-browser: chromium-browser: Use after free in WebMIDI
References
Metrics threat_severity

None

 threat_severity

Moderate

Fri, 05 Jun 2026 19:45:00 +0000

Type Values Removed Values Added
Title Use After Free in WebMIDI in Chrome iOS Allowing Potential Sandbox Escape

Fri, 05 Jun 2026 18:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 9.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 05 Jun 2026 05:15:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Fri, 05 Jun 2026 04:15:00 +0000

Type Values Removed Values Added
Title Use After Free in WebMIDI in Chrome iOS Allowing Potential Sandbox Escape

Thu, 04 Jun 2026 23:15:00 +0000

Type Values Removed Values Added
Description Use after free in WebMIDI in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
Weaknesses CWE-416
References

Subscriptions

Apple Iphone Os
Google Chrome
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-06-05T17:25:38.399Z

Reserved: 2026-06-04T17:10:35.286Z

Link: CVE-2026-11165

cve-icon Vulnrichment

Updated: 2026-06-05T17:23:29.677Z

cve-icon NVD

Status : Analyzed

Published: 2026-06-04T23:17:23.183

Modified: 2026-06-09T14:24:09.390

Link: CVE-2026-11165

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-02T00:00:00Z

Links: CVE-2026-11165 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-05T19:30:03Z

Weaknesses