Description
Race in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
Published: 2026-06-30
Score: 9.6 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a race condition in Chrome's USB handling that can let a remote attacker who has already gained execution in the renderer process cause a sandbox escape when serving a crafted HTML page. This flaw may allow code to run with higher privileges than the browser sandbox provides, potentially compromising the host if the renderer is already compromised.

Affected Systems

Google Chrome versions earlier than 150.0.7871.47 are affected.

Risk and Exploitability

The CVSS score of 9.6 indicates a high severity. The EPSS score is reported as < 1%, and the vulnerability is not listed in CISA KEV. Exploitation requires the attacker to first obtain a foothold in the renderer process, typically through another vulnerability or a malicious site. Once a renderer is in the attacker’s control, supplying a maliciously crafted HTML document can trigger the race condition which may break the sandbox and allow elevated code execution.

Generated by OpenCVE AI on July 1, 2026 at 20:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Chrome to version 150.0.7871.47 or later as soon as possible.
  • If an upgrade cannot be performed immediately, disable USB device access by navigating to Settings → Privacy and security → Site Settings → USB and selecting Block all sites from accessing USB devices.
  • Restart Chrome after making the change to ensure the policy is applied.

Generated by OpenCVE AI on July 1, 2026 at 20:37 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 01 Jul 2026 21:00:00 +0000

Type Values Removed Values Added
Title Race Condition in USB Handling Enables Sandbox Escape in Google Chrome

Wed, 01 Jul 2026 15:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-362
Metrics cvssV3_1

{'score': 9.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 01 Jul 2026 14:45:00 +0000

Type Values Removed Values Added
Title Race Condition in USB Handling Enables Sandbox Escape in Google Chrome

Wed, 01 Jul 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Wed, 01 Jul 2026 08:15:00 +0000

Type Values Removed Values Added
Title Race Condition in USB Handling Enables Sandbox Escape in Google Chrome
Weaknesses CWE-285
CWE-362

Wed, 01 Jul 2026 02:00:00 +0000

Type Values Removed Values Added
Title Race Condition in USB Handling Enables Sandbox Escape in Google Chrome
Weaknesses CWE-285
CWE-362

Tue, 30 Jun 2026 23:15:00 +0000

Type Values Removed Values Added
Description Race in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-07-01T15:02:49.036Z

Reserved: 2026-06-29T23:03:41.332Z

Link: CVE-2026-13882

cve-icon Vulnrichment

Updated: 2026-07-01T15:02:41.208Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-01T20:45:05Z

Weaknesses
  • CWE-362

    Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')