Impact
A use‑after‑free flaw in the Aura rendering engine of Google Chrome on Windows allows an attacker who has already compromised the renderer process to potentially escape the browser sandbox by loading a specially crafted HTML page. The vulnerability belongs to CWE‑416 and, according to the Chromium security team, is rated Critical. If successfully exploited, an attacker could gain arbitrary code execution outside the browser environment, compromising the confidentiality, integrity, and availability of the host system. The description does not detail the exact sequence of steps a malicious page would need to trigger the flaw, but the requirement of a pre‑existing renderer compromise narrows the attack surface to scenarios in which the attacker can already inject code into the renderer.
Affected Systems
Google Chrome on Windows at versions prior to 149.0.7827.103 is affected. The vulnerability is fixed in version 149.0.7827.103 and later. All builds of Chrome for Windows prior to that release are potentially vulnerable if the renderer process can be compromised.
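As an added example (not part of the advisory or of any Chromium tooling), the following Python script checks an endpoint inventory against the fixed version above. The comparison parses the four dotted components as integers, because a plain string comparison gets this wrong: "149.0.7827.99" sorts after "149.0.7827.103" as text even though it is an older, vulnerable build. The inventory entries, the `Endpoint` type and the `triage` helper are constructed for illustration; in practice the version strings would come from an endpoint management or software inventory tool.

```python
from __future__ import annotations

from dataclasses import dataclass

# First Chrome for Windows build that carries the fix, as stated in the advisory.
FIXED_VERSION = "149.0.7827.103"


def parse_version(version: str) -> tuple[int, ...]:
    """Turn a dotted Chrome version string into a tuple of ints for correct ordering."""
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"malformed Chrome version string: {version!r}")
    return tuple(int(p) for p in parts)


def is_vulnerable(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed build is older than the first fixed build.

    Tuple comparison is element-wise numeric, so 149.0.7827.99 < 149.0.7827.103
    as intended. A shorter tuple (e.g. a truncated "149.0.7827") compares as
    older than the fixed version and is therefore conservatively flagged.
    """
    return parse_version(installed) < parse_version(fixed)


@dataclass
class Endpoint:
    """Hypothetical inventory record; field names are an assumption of this example."""
    host: str
    platform: str
    chrome_version: str | None


def triage(inventory: list[Endpoint]) -> dict[str, list[str]]:
    """Bucket hosts into vulnerable / patched / not_applicable / unknown.

    Only Windows hosts are in scope for this advisory; non-Windows hosts are
    reported separately rather than silently dropped, and hosts with a missing
    or malformed version are reported as unknown so they can be re-inventoried.
    """
    buckets: dict[str, list[str]] = {
        "vulnerable": [], "patched": [], "not_applicable": [], "unknown": []
    }
    for ep in inventory:
        if ep.platform.lower() != "windows":
            buckets["not_applicable"].append(ep.host)
            continue
        if ep.chrome_version is None:
            buckets["unknown"].append(ep.host)
            continue
        try:
            vulnerable = is_vulnerable(ep.chrome_version)
        except ValueError:
            buckets["unknown"].append(ep.host)
            continue
        buckets["vulnerable" if vulnerable else "patched"].append(ep.host)
    return buckets


# Constructed sample inventory (hostnames and versions are made up for this example).
SAMPLE_INVENTORY = [
    Endpoint("win-ws-01", "Windows", "149.0.7827.99"),    # older build, text-sorts as newer
    Endpoint("win-ws-02", "Windows", "149.0.7827.103"),   # exactly the fixed build
    Endpoint("win-ws-03", "Windows", "148.0.7900.200"),   # older major version
    Endpoint("win-ws-04", "Windows", "150.0.1.0"),        # newer major version
    Endpoint("win-ws-05", "Windows", None),               # inventory gap
    Endpoint("win-ws-06", "Windows", "not-installed"),    # malformed value
    Endpoint("mac-ws-01", "macOS", "149.0.7827.99"),      # out of scope for this advisory
]


if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket:>15}: {', '.join(hosts) or '-'}")
```

Hosts landing in the "vulnerable" bucket are the ones to push the 149.0.7827.103 (or later) update to; "unknown" hosts deserve a second inventory pass rather than being assumed safe.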
Risk and Exploitability
The EPSS score is currently unavailable, and the vulnerability is not listed in the CISA KEV catalog. The Chromium security severity is marked Critical, indicating a high likelihood that a capable attacker will develop or adapt an exploit. The attack vector relies on a renderer process compromise, which can be achieved through malicious web content, phishing, or exploitation of a different vulnerability. Once in the renderer, the use‑after‑free can be leveraged to escape the sandbox and execute code with higher privileges. Given the combination of a critical rating, the absence of known public exploits, and the need for a renderer foothold, the overall risk is high for organizations that allow arbitrary web content or use Chrome in uncontrolled environments. The CVSS score of 8.3 reflects the severity of the potential impact.
OpenCVE Enrichment