Description
Use after free in WebGL in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Published: 2026-06-24
Score: 9.6 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A use‑after‑free flaw in the WebGL implementation of Google Chrome on Android allows a remote attacker, via a crafted HTML page, to potentially escape the browser sandbox and execute arbitrary code. The Chromium project has classified the weakness as critical, underscoring its severity. The flaw arises from improperly managed memory after a WebGL context is freed, which an attacker can exploit when the user interacts with a malicious web page.

Affected Systems

The vulnerability affects Google Chrome for Android versions prior to 149.0.7827.197. Any device running Chrome with a version earlier than this release is potentially impacted, regardless of the device brand or OS edition. Users should verify that their browsers are on the latest stable channel or newer in order to receive the patch.

Risk and Exploitability

The CVSS score is 9.6 (Critical), and the Chromium severity level is also listed as critical, indicating a high potential impact. No EPSS data is available. The attack vector is a crafted HTML page, meaning a user must be tricked into opening the malicious content in Chrome on Android. At present, the vulnerability is not listed in the CISA KEV catalog and no publicly available exploits have been documented. Nonetheless, the potential to escape the sandbox makes the risk significant for exposed devices.

Generated by OpenCVE AI on June 24, 2026 at 21:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Google Chrome to version 149.0.7827.197 or later on all Android devices.
  • If an update cannot be applied immediately, disable WebGL in Chrome via the experimental flags page (chrome://flags) or device policy management by setting the "EnableWebGL" flag to off.
  • Continuously monitor for delivery of malicious HTML or content that could exploit WebGL to ensure any temporary mitigations are effective.

Generated by OpenCVE AI on June 24, 2026 at 21:24 UTC.

Advisories

No advisories yet.

History

Wed, 24 Jun 2026 21:00:00 +0000

Type | Values Removed | Values Added
Title | | Use‑After‑Free in WebGL Enables Sandbox Escape on Chrome for Android

Wed, 24 Jun 2026 20:30:00 +0000

Type | Values Removed | Values Added
Metrics | | cvssV3_1: {'score': 9.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H'}
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 24 Jun 2026 19:15:00 +0000

Type | Values Removed | Values Added
Description | | Use after free in WebGL in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Weaknesses | | CWE-416
References | |

MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-06-24T19:23:29.186Z

Reserved: 2026-06-23T17:14:10.131Z

Link: CVE-2026-13028

Vulnrichment

Updated: 2026-06-24T19:23:26.425Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-24T21:30:04Z

Weaknesses