Description
Use after free in Blink in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Published: 2026-06-24
Score: 8.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a use‑after‑free flaw in the Blink rendering engine of Google Chrome versions prior to 149.0.7827.197. By visiting a specially crafted HTML page, a remote attacker can cause the browser to access memory that has already been freed, resulting in arbitrary code execution inside the Chrome sandbox. This allows an attacker to run code with privileges of the sandboxed process, potentially compromising the user’s system if the sandbox can be bypassed.

Affected Systems

All users running Google Chrome (stable channel, desktop) built before 149.0.7827.197 are affected, including versions 148.x and earlier. The bug is confined to the Blink engine that drives HTML rendering in the browser.

Risk and Exploitability

Chromium categorizes the issue as high severity. No CVSS or EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog, indicating no confirmed active exploitation yet. The attack requires delivery of a specially constructed HTML page, meaning the attacker must lure a user to a malicious site or coerce a user to expose the page. Despite the lack of observable exploitation, the potential for arbitrary code execution within the browser warrants a high risk assessment.

Generated by OpenCVE AI on June 24, 2026 at 20:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install Chrome version 149.0.7827.197 or later, which contains the fix for this Blink use‑after‑free flaw.
  • If a browser upgrade is not possible immediately, configure corporate policy or install extensions that block the rendering of untrusted or externally supplied HTML content, reducing the attack surface.
  • Deploy network filtering or a web application firewall capable of inspecting HTTP traffic for anomalous or malicious HTML patterns that could trigger the flaw, and block such requests as a proactive defense.

Generated by OpenCVE AI on June 24, 2026 at 20:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 24 Jun 2026 20:45:00 +0000

Type Values Removed Values Added
Title Use-After-Free in Chrome Blink Enables Remote Code Execution

Wed, 24 Jun 2026 20:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 24 Jun 2026 19:15:00 +0000

Type Values Removed Values Added
Description Use after free in Blink in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-416
References

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-06-24T19:35:13.767Z

Reserved: 2026-06-23T17:14:12.594Z

Link: CVE-2026-13036

cve-icon Vulnrichment

Updated: 2026-06-24T19:22:12.443Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-24T20:30:04Z

Weaknesses