Description
Use after free in Navigation in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Published: 2026-06-08
Score: 9.6 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a use‑after‑free in the navigation component of Google Chrome prior to version 149.0.7827.103. An attacker who can supply a crafted HTML page may trigger the flaw and escape the browser’s sandbox, potentially allowing the attacker to execute arbitrary code on the host. The issue is classified as Chromium security severity high and maps to CWE‑416, a common type of memory corruption that can lead to privilege escalation.

Affected Systems

Google Chrome versions earlier than 149.0.7827.103 are vulnerable; the CVE does not specify affected operating systems, so any platform running those releases is potentially impacted.

Risk and Exploitability

The description implies that the attacker must deliver a specially crafted web page, so the user has to visit a malicious site or otherwise load the crafted content. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog. Nonetheless, the CVSS score of 9.6 and the potential for sandbox escape mean the risk to systems running the affected Chrome releases without a patch is significant.

Generated by OpenCVE AI on June 9, 2026 at 03:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Google Chrome to at least version 149.0.7827.103.
  • Enable automatic updates to receive future security patches promptly.
  • If an immediate upgrade is not possible, avoid navigating to untrusted sites until the patch is applied, and consider using a different browser as a temporary safeguard.



Advisories

No advisories yet.

History

Tue, 09 Jun 2026 15:00:00 +0000

Type Values Removed Values Added
First Time appeared: Apple; Apple macos; Linux; Linux linux Kernel; Microsoft; Microsoft windows
CPEs:
  • cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products: Apple; Apple macos; Linux; Linux linux Kernel; Microsoft; Microsoft windows

Tue, 09 Jun 2026 03:45:00 +0000

Type Values Removed Values Added
Title: Use after Free in Chrome Navigation Allows Sandbox Escape

Tue, 09 Jun 2026 02:30:00 +0000

Type Values Removed Values Added
Title: Use after Free in Chrome Navigation Allows Sandbox Escape
Metrics:
  • cvssV3_1: {'score': 9.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H'}
  • ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 09 Jun 2026 02:15:00 +0000

Type Values Removed Values Added
First Time appeared: Google; Google chrome
Vendors & Products: Google; Google chrome

Mon, 08 Jun 2026 23:45:00 +0000

Type Values Removed Values Added
Description: Use after free in Navigation in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Weaknesses: CWE-416
References

MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-06-09T03:56:09.454Z

Reserved: 2026-06-08T21:33:47.562Z

Link: CVE-2026-11671

Vulnrichment

Updated: 2026-06-09T01:34:03.466Z

NVD

Status: Analyzed

Published: 2026-06-09T00:16:50.337

Modified: 2026-06-09T14:53:57.547

Link: CVE-2026-11671

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-09T03:30:16Z

Weaknesses