Description
Use after free in Canvas in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Published: 2026-06-30
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A use-after-free condition in the HTML5 Canvas implementation of Google Chrome versions earlier than 150.0.7871.47 allows a remote attacker to execute arbitrary code within the browser's sandbox. The vulnerability is a classic memory-corruption flaw (CWE-416) that is triggered by a crafted HTML page loaded in the browser. Code execution is confined to the sandbox, but it can still be leveraged for further exploitation, such as escalating privileges or exfiltrating data that the browser has accessed.

Affected Systems

All users running Google Chrome prior to version 150.0.7871.47 are affected. The issue was present in the stable channel and any installation that has not applied the June 2026 security update. No other vendors or product lines were listed as impacted.

Risk and Exploitability

The CVE is rated as high severity by Chromium, but no EPSS score is available and the vulnerability is not listed in the CISA KEV catalog, which indicates that it has not yet been widely exploited in the wild. The likely attack vector is a malicious web page hosted by the attacker that the victim opens or visits; a single click on the page is enough to trigger the flawed canvas operation. Because the code runs inside the sandbox, the attacker's immediate gain is limited, but it is sufficient as a first stage for further attacks against the user's system. Given the lack of exploitation data, the risk is considered moderate to high until the patch is applied.

Generated by OpenCVE AI on July 1, 2026 at 00:42 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Upgrade Google Chrome to version 150.0.7871.47 or later to obtain the patch that fixes the use-after-free bug.
  • Restart the browser after upgrading so that no residual vulnerable processes remain running.
  • If upgrading is not possible, consider applying a policy that disables the Canvas feature until the update can be applied, which removes the exploitation surface for the affected code path.

Advisories

No advisories yet.

History

Wed, 01 Jul 2026 01:00:00 +0000

Type  | Values Removed | Values Added
Title | (none)         | Use After Free in Chrome Canvas Enables Remote Code Execution

Tue, 30 Jun 2026 23:15:00 +0000

Type        | Values Removed | Values Added
Description | (none)         | Use after free in Canvas in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Weaknesses  | (none)         | CWE-416
References  |                |

MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-06-30T22:37:45.580Z

Reserved: 2026-06-29T23:03:25.956Z

Link: CVE-2026-13821

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-07-01T00:45:15Z

Weaknesses