Impact
A use‑after‑free bug exists in the Views component of Google Chrome. The flaw allows a remote attacker to coerce a user into performing specific user interface gestures while viewing a crafted HTML page, which can lead to arbitrary code execution. The weakness is classified as CWE‑416 and the Chromium project rates the severity as high.
Affected Systems
Google Chrome browsers running any version prior to 150.0.7871.47 are affected. The vulnerability does not impact other browsers or Chrome extensions independently of the affected core code.
Risk and Exploitability
Because the flaw is exploitable through normal web content and does not require elevated user privileges, it represents a high‑risk attack vector for end users. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog, but its remote code execution capability and lack of mitigations in older releases make it a serious concern.
OpenCVE Enrichment