Description
Use after free in FileSystem in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Published: 2026-06-24
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a use‑after‑free flaw in Google Chrome’s FileSystem implementation. A maliciously crafted HTML page can trigger the flaw, causing heap corruption that may allow an attacker to execute arbitrary code or otherwise compromise the integrity of the system.

Affected Systems

Users of Google Chrome versions older than 149.0.7827.197 are affected. The defect is present in all Chrome builds before that release and was fixed in the 149.0.7827.197 update and subsequent ones.

Risk and Exploitability

Chromium labels the issue as High severity with a CVSS base score of 8.8. The EPSS score indicates an exploitation probability of <1%. The vulnerability is not listed in the CISA KEV catalog, so the EPSS indicates a low probability of exploitation. The stated attack vector involves a remote attacker delivering a crafted HTML page that a user opens; the exploit requires user interaction or a browser context that accesses the vulnerable FileSystem API. If successful, the heap corruption can lead to remote code execution on the victim’s machine.

Generated by OpenCVE AI on June 29, 2026 at 13:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply an update to Chrome version 149.0.7827.197 or later.
  • Ensure Chrome’s automatic update mechanism is enabled so that future patches are applied without user action.
  • Restrict usage of the FileSystem API for untrusted origins via Chrome flags or policies to reduce exposure to malicious content.

Generated by OpenCVE AI on June 29, 2026 at 13:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4654-1 chromium security update
Debian DSA Debian DSA DSA-6364-1 chromium security update
History

Mon, 29 Jun 2026 12:15:00 +0000

Type Values Removed Values Added
Title Use-After-Free in Chrome’s FileSystem API Enables Heap Corruption chromium-browser: chromium-browser: Use after free in FileSystem
Weaknesses CWE-825
References
Metrics threat_severity

None

threat_severity

Important


Thu, 25 Jun 2026 07:00:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Wed, 24 Jun 2026 21:45:00 +0000

Type Values Removed Values Added
Title Use-After-Free in Chrome’s FileSystem API Enables Heap Corruption

Wed, 24 Jun 2026 20:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 24 Jun 2026 19:15:00 +0000

Type Values Removed Values Added
Description Use after free in FileSystem in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-416
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-06-25T03:55:41.703Z

Reserved: 2026-06-23T17:14:09.827Z

Link: CVE-2026-13027

cve-icon Vulnrichment

Updated: 2026-06-24T19:32:57.765Z

cve-icon NVD

No data.

cve-icon Redhat

Severity : Important

Publid Date: 2026-06-24T18:43:16Z

Links: CVE-2026-13027 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-29T14:00:05Z

Weaknesses