Description
Use after free in USB in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
Published: 2026-06-04
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A use-after-free vulnerability in the USB handling component of Google Chrome for Android means that a crafted HTML page, when opened, may cause a sandbox escape. The flaw could enable arbitrary code execution outside the browser sandbox, potentially compromising device resources and user data. The weakness is a classic use-after-free error (CWE-416) and an improper use of deallocated memory (CWE-825).

Affected Systems

Google Chrome for Android versions earlier than 149.0.7827.53 are affected. Users running these builds on Android devices are at risk when they load a malicious HTML page from USB storage.

Risk and Exploitability

With a CVSS score of 8.8, this vulnerability is classified as high severity. It is not listed in the CISA KEV catalog, indicating no known active exploitation in the wild. The attack can be performed remotely by delivering a malicious HTML page through USB access, which an attacker can control if the device is compromised or the user is tricked into opening malicious content. The likelihood of exploitation is uncertain but potentially high given the remote nature of the vector and the difficulty in defending against HTML-based attacks. The EPSS score is < 1%, so the risk assessment is based on the high CVSS and the remote sandbox‑escape potential.

Generated by OpenCVE AI on June 7, 2026 at 14:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Chrome to version 149.0.7827.53 or later to remove the use‑after‑free flaw.
  • Avoid opening or interacting with files from USB devices in Chrome unless they come from trusted sources; consider using the Android file explorer to copy files to internal storage before viewing them in the browser.
  • Keep the Android operating system and all apps up‑to‑date, and enable integrity protection features such as verified boot and device encryption to reduce the impact of a potential sandbox escape.


Advisories
Source: Debian DSA
ID: DSA-6325-1
Title: chromium security update
History

Sun, 07 Jun 2026 12:15:00 +0000

Type Values Removed Values Added
Title chromium-browser: Use after free in USB
Weaknesses CWE-825
References
Metrics threat_severity None (removed), threat_severity Moderate (added)


Sat, 06 Jun 2026 01:45:00 +0000

Type Values Removed Values Added
First Time appeared Google android
CPEs cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
Vendors & Products Google android

Fri, 05 Jun 2026 15:45:00 +0000

Type Values Removed Values Added
Title Use After Free in Chrome USB Handling Enables Potential Remote Code Execution

Fri, 05 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 05 Jun 2026 05:15:00 +0000

Type Values Removed Values Added
Title Use After Free in Chrome USB Handling Enables Potential Remote Code Execution

Fri, 05 Jun 2026 05:00:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Thu, 04 Jun 2026 23:15:00 +0000

Type Values Removed Values Added
Description Use after free in USB in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
Weaknesses CWE-416
References

MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-06-05T12:13:47.038Z

Reserved: 2026-06-04T17:10:42.479Z

Link: CVE-2026-11188

Vulnrichment

Updated: 2026-06-05T12:13:42.445Z

NVD

Status: Analyzed

Published: 2026-06-04T23:17:25.787

Modified: 2026-06-06T01:36:43.603

Link: CVE-2026-11188

Redhat

Severity: Moderate

Public Date: 2026-06-02T00:00:00Z

Links: CVE-2026-11188 - Bugzilla

OpenCVE Enrichment

Updated: 2026-06-07T15:00:13Z

Weaknesses