Description
Use after free in Blink in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Published: 2026-06-24
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Google Chrome's Blink rendering engine contains a use‑after‑free flaw that, when a specially crafted HTML page is rendered, causes the browser to operate on freed memory and enables execution of arbitrary code inside the sandbox. The defect is classified as CWE‑416 and CWE‑825 and was rated as high severity by Chromium security reviewers.

Affected Systems

The vulnerability affects Google Chrome browsers before version 149.0.7827.197 on desktop platforms. Users on the stable channel who have not installed the June 2026 update are vulnerable.

Risk and Exploitability

The flaw provides remote code execution with a sandbox escape, giving an attacker the ability to execute code with the privileges of the browser process. The EPSS score is < 1%, indicating a very low exploitation probability, but the CVSS score of 8.8 indicates a high severity. The vulnerability is not listed in the CISA KEV catalog. Attackers would need to entice users to visit a malicious web page or otherwise load a crafted HTML file.

Generated by OpenCVE AI on June 29, 2026 at 13:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest Chrome update (149.0.7827.197 or newer).
  • Enable automatic updates in Chrome to receive future patches promptly.
  • Restrict access to potentially malicious web pages by disabling local file protocols or using enterprise policies that limit browsing of untrusted sites.

Generated by OpenCVE AI on June 29, 2026 at 13:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4654-1 chromium security update
Debian DSA Debian DSA DSA-6364-1 chromium security update
History

Mon, 29 Jun 2026 12:15:00 +0000

Type Values Removed Values Added
Title chromium-browser: chromium-browser: Use after free in Blink
Weaknesses CWE-825
References
Metrics threat_severity

None

threat_severity

Important


Thu, 25 Jun 2026 06:15:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Wed, 24 Jun 2026 22:00:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in Blink Allows Remote Code Execution in Chrome

Wed, 24 Jun 2026 20:45:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in Blink Allows Remote Code Execution in Chrome

Wed, 24 Jun 2026 20:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 24 Jun 2026 19:15:00 +0000

Type Values Removed Values Added
Description Use after free in Blink in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-416
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-06-25T03:55:43.943Z

Reserved: 2026-06-23T17:14:11.143Z

Link: CVE-2026-13031

cve-icon Vulnrichment

Updated: 2026-06-24T19:28:42.429Z

cve-icon NVD

No data.

cve-icon Redhat

Severity : Important

Publid Date: 2026-06-24T18:43:17Z

Links: CVE-2026-13031 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-29T14:00:05Z

Weaknesses