Impact
A use‑after‑free bug in the Video module of Google Chrome on Windows allows an attacker who has already compromised the renderer process to potentially escape the sandbox by serving a specially crafted HTML page. If exploited, the attacker could execute code outside the browser’s restricted environment, escalating privileges and compromising the host system. The weakness is classified as CWE‑416 and CWE‑825 and is marked as high severity by Chromium.
Affected Systems
All releases of Google Chrome for Windows prior to 149.0.7827.115 are vulnerable. The documented reference indicates that the stable-channel update for desktop in June 2026 includes the remediation.
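To check a fleet against the fixed build, the following added example (not part of the original advisory) classifies inventory rows by platform and version. The inventory layout, hostnames and sample versions are constructed assumptions; only the fixed build number and the Windows scope come from the text above.

```python
# Added example: triage a browser inventory against the fixed build named in the advisory.
import re

FIXED_BUILD = "149.0.7827.115"   # first fixed Chrome build, taken from the advisory text
AFFECTED_PLATFORM = "windows"    # the advisory lists Chrome on Windows only

_VERSION_RE = re.compile(r"^\d+\.\d+\.\d+\.\d+$")

def parse_version(text):
    """Return a Chrome version as a 4-tuple of ints, or None if malformed."""
    text = text.strip()
    if not _VERSION_RE.match(text):
        return None
    return tuple(int(part) for part in text.split("."))

def classify(platform, version):
    """Return 'vulnerable', 'patched', 'not-affected' or 'unknown' for one install."""
    if platform.strip().lower() != AFFECTED_PLATFORM:
        return "not-affected"
    parsed = parse_version(version)
    if parsed is None:
        return "unknown"          # unparseable data needs manual review
    # Integer tuples compare numerically; a plain string comparison would rank
    # "149.0.7827.99" above "149.0.7827.115" and miss a vulnerable host.
    return "vulnerable" if parsed < parse_version(FIXED_BUILD) else "patched"

def triage(inventory):
    """Map each hostname to its classification."""
    return {host: classify(platform, version) for host, platform, version in inventory}

# Constructed sample inventory (hostnames and versions are made up for illustration).
SAMPLE_INVENTORY = [
    ("ws-001", "Windows", "149.0.7827.99"),
    ("ws-002", "Windows", "149.0.7827.115"),
    ("ws-003", "Windows", "148.0.7700.200"),
    ("mac-01", "macOS", "148.0.7700.200"),
    ("ws-004", "Windows", "unknown"),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as `unknown` should be reviewed by hand rather than assumed patched.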
Risk and Exploitability
The flaw can be triggered remotely through a malicious web page and requires that the attacker already controls or influences the renderer. The EPSS score indicates a very low probability of exploitation, reported as less than 1%, and the issue is not listed in the CISA KEV catalog. Chromium rates it as high severity, with a CVSS score of 8.3, meaning successful exploitation would likely compromise confidentiality, integrity, and availability of the affected system. Although the EPSS score suggests exploitation is unlikely, the combination of a remote attack vector and a sandbox escape means that systems running unsupported Chrome versions face significant risk.