Description
Use after free in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Published: 2026-06-30
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a use‑after‑free in the Chromecast component of Google Chrome. It allows an attacker who has already compromised the renderer process to escape the sandbox by exploiting a crafted HTML page that triggers the freed memory access. This flaw is classified as CWE‑416 and can result in arbitrary code execution or privilege escalation on the host system.

Affected Systems

Google Chrome users running versions prior to 150.0.7871.47 are affected. The flaw exists specifically in the Chromecast implementation of Chrome on all platforms where Chrome is installed.

Risk and Exploitability

The security severity is listed as High, and the EPSS score is unavailable, so the exploitation likelihood cannot be quantified precisely. However, because the flaw requires the renderer process to be compromised and a malicious HTML page to be delivered, the attack vector is remote and requires user interaction or a compromised site. The absence of a KEV listing suggests no known widespread exploitation, but the high severity indicates that patches should be applied promptly, especially in environments that use Chromecast or host web content from untrusted sources.

Generated by OpenCVE AI on July 1, 2026 at 00:48 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Chrome update (150.0.7871.47 or newer) to remove the use‑after‑free bug.
  • If updating is not immediately possible, disable Chromecast support in Chrome via the flags page or group policy to limit surface area.
  • Implement network segmentation or firewall rules to restrict the renderer process from reaching external processes, thereby reducing the risk of sandbox escape.

Generated by OpenCVE AI on July 1, 2026 at 00:48 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 01 Jul 2026 01:15:00 +0000

Type Values Removed Values Added
Title Chromecast Use After Free Enables Sandbox Escape via Malicious Renderer

Tue, 30 Jun 2026 23:15:00 +0000

Type Values Removed Values Added
Description Use after free in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-416
References

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-06-30T22:37:39.219Z

Reserved: 2026-06-29T23:03:21.838Z

Link: CVE-2026-13804

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-01T01:00:14Z

Weaknesses