Impact
A use-after-free flaw in the Bluetooth stack of Google Chrome on macOS allows a crafted HTML page to corrupt the heap, potentially enabling an attacker to gain arbitrary code execution on the user's machine. Classified as CWE-416 (use-after-free), the vulnerability also inherits characteristics of CWE-825, which indicates possible imprecise permissions or access control related to the Bluetooth interface. The description indicates high severity within Chromium's security taxonomy.
Affected Systems
Google Chrome on macOS is affected. Releases before 149.0.7827.103 are vulnerable; 149.0.7827.103 and later contain the fix.
Risk and Exploitability
The CVSS score is 8.8 (high severity). The EPSS score of < 1% indicates a very low probability of exploitation in the wild, and the vulnerability is not listed in CISA's KEV catalog, so there is limited evidence of public exploitation as of now. The flaw is tied to both CWE-416 and CWE-825, implying use-after-free and potential insufficient access control of the Bluetooth API. The likely attack vector requires an attacker to supply a malicious web page that uses the Bluetooth interface; an end user must open or interact with such a page in Chrome for the flaw to be exploitable. Consequently, the risk is high for active users browsing the web, especially those who use Bluetooth features within Chrome.
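The practical check that follows from the Affected Systems and Risk sections is whether an installed Chrome predates 149.0.7827.103. The script below is an added example, not part of the advisory or of Google's tooling: it compares dotted version strings numerically (plain string comparison would misorder "149.0.7827.103" against "149.0.7827.99") and, on macOS, reads the installed version from the app bundle. The bundle path is the default install location and is an assumption; adjust it if Chrome is installed elsewhere.

```shell
#!/bin/sh
# Added example, not from the advisory: check an installed Google Chrome on macOS
# against the fixed release named on the page (149.0.7827.103). The bundle path
# below is the default install location and is an assumption.

FIXED_VERSION="149.0.7827.103"
CHROME_PLIST="/Applications/Google Chrome.app/Contents/Info.plist"

# version_lt A B: exit 0 when dotted version A sorts before B, else 1.
# Components are compared numerically left to right; missing ones count as 0,
# so "149.0" is treated as "149.0.0.0".
version_lt() {
    IFS=. read -r a1 a2 a3 a4 rest <<EOF
$1
EOF
    IFS=. read -r b1 b2 b3 b4 rest <<EOF
$2
EOF
    for pair in "${a1:-0}:${b1:-0}" "${a2:-0}:${b2:-0}" \
                "${a3:-0}:${b3:-0}" "${a4:-0}:${b4:-0}"; do
        x=${pair%%:*}
        y=${pair#*:}
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
    done
    return 1   # equal versions are not older than the fix
}

# chrome_status VERSION: print VULNERABLE if VERSION predates the fix, else PATCHED.
chrome_status() {
    if version_lt "$1" "$FIXED_VERSION"; then
        echo "VULNERABLE"
    else
        echo "PATCHED"
    fi
}

# installed_chrome_version: read CFBundleShortVersionString from the app bundle.
# Fails (exit 1) when the bundle is not present, e.g. on a non-macOS host.
installed_chrome_version() {
    [ -r "$CHROME_PLIST" ] || return 1
    /usr/libexec/PlistBuddy -c 'Print :CFBundleShortVersionString' "$CHROME_PLIST"
}

if ver=$(installed_chrome_version); then
    echo "Google Chrome $ver: $(chrome_status "$ver") (fixed in $FIXED_VERSION)"
else
    echo "Google Chrome bundle not found at $CHROME_PLIST; nothing to check"
fi
```

Run it on each managed Mac (or feed `chrome_status` the version column from an inventory export) to list hosts still below the fixed release; a PATCHED result only confirms the version, so users still need to restart Chrome for a downloaded update to take effect.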