Impact
A use‑after‑free condition in the HTML5 Canvas implementation of Google Chrome versions earlier than 150.0.7871.47 allows a remote attacker to execute arbitrary code within the browser’s sandbox. The vulnerability is a classic memory‑corruption flaw (CWE‑416) that can be triggered by a crafted HTML page loaded in the browser. Execution of malicious code occurs only inside the sandbox, but it can still be leveraged for further exploitation, such as escalating privileges or exfiltrating data that the browser has accessed.
Affected Systems
All users running Google Chrome prior to version 150.0.7871.47 are affected. The issue was present in the stable channel and remains in any installation that has not applied the June 2026 security update. No other vendors or product lines were listed as impacted.
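An added example (not part of the advisory or of any Chrome or OpenCVE tooling): a Python check that classifies inventory version strings against the fixed build 150.0.7871.47 named on this page, comparing components numerically because plain string comparison would rank 99.x above 150.x. The hostnames, sample versions and function names are constructed for illustration.

```python
import re

# First non-affected build, taken from the advisory text.
FIXED_BUILD = (150, 0, 7871, 47)

# Accepts "150.0.7871.46" or "Google Chrome 150.0.7871.46 <channel suffix>".
_VERSION_RE = re.compile(r"^\s*(?:Google Chrome\s+)?(\d+)\.(\d+)\.(\d+)\.(\d+)\b")


def parse_chrome_version(text):
    """Return a 4-tuple of ints, or None if the string is not a Chrome version."""
    m = _VERSION_RE.match(text)
    return tuple(int(p) for p in m.groups()) if m else None


def classify(version_text):
    """Return 'affected', 'patched', or 'unknown' (unparseable, review by hand)."""
    v = parse_chrome_version(version_text)
    if v is None:
        return "unknown"
    # Tuple comparison is numeric per component, unlike string comparison.
    return "affected" if v < FIXED_BUILD else "patched"


def triage(inventory):
    """Group hostnames by classification, sorted for stable reporting."""
    result = {"affected": [], "patched": [], "unknown": []}
    for host, version_text in inventory.items():
        result[classify(version_text)].append(host)
    return {status: sorted(hosts) for status, hosts in result.items()}


# Constructed sample inventory: hostnames and versions are made up.
SAMPLE_INVENTORY = {
    "ws-001": "Google Chrome 150.0.7871.47",
    "ws-002": "150.0.7871.46",
    "ws-003": "149.0.9999.200",
    "ws-004": "Google Chrome 151.0.1.0 beta",
    "ws-005": "150.0.7871.100",
    "ws-006": "not installed",
    "ws-007": "99.0.4844.84",  # sorts above 150.x as a string, below as numbers
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

Hosts reported as unknown should be checked by hand rather than assumed patched.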
Risk and Exploitability
The CVE is rated as high severity by Chromium, but no EPSS score is available and the vulnerability is not listed in the CISA KEV catalog, indicating that it has not yet been widely exploited in the wild. The likely attack vector is an attacker hosting a malicious web page that the victim opens or visits; a single click on the page would trigger the flawed canvas operation. Because the code runs inside the sandbox, the attacker’s immediate gain is limited but sufficient for further attacks against the user’s system. Given the lack of exploitation data, the risk is considered moderate to high until the patch is applied.