Description
Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Published: 2026-04-08
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A use‑after‑free flaw exists in Chrome’s media component that allows a remote attacker to trigger arbitrary code execution inside the browser’s sandbox by loading a crafted HTML page. The vulnerability occurs when media objects are freed while still referenced, enabling the attacker to manipulate memory and execute code within the sandboxed environment. The weakness is classified as CWE‑416 and is considered a high‑severity issue.

Affected Systems

The flaw affects Google Chrome versions older than 147.0.7727.55. Any user running a pre‑147.0.7727.55 build is vulnerable and should upgrade to the latest release to mitigate the risk.

Risk and Exploitability

The CVSS score of 8.8 reflects significant impact, while the EPSS score of less than 1% indicates that exploitation is currently unlikely to be widespread. The vulnerability is not listed in the CISA KEV catalog. The attack vector is remote, relying on a malicious HTML page that can be served by any web host, and requires the victim to load the page in Chrome. Successful exploitation allows execution of code within Chrome’s sandbox, presenting a serious threat to the user’s computing environment.

Generated by OpenCVE AI on April 9, 2026 at 18:06 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Chrome to version 147.0.7727.55 or later as soon as possible.
  • Verify the update by checking the browser’s version information in the About menu.

Generated by OpenCVE AI on April 9, 2026 at 18:06 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6205-1 chromium security update
History

Fri, 10 Apr 2026 12:15:00 +0000

Type Values Removed Values Added
Title chromium-browser: Use after free in Media
Weaknesses CWE-825
References
Metrics threat_severity

None

 threat_severity

Important

Fri, 10 Apr 2026 10:00:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in Chrome Media Enables Arbitrary Code Execution via Crafted HTML

Thu, 09 Apr 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 09 Apr 2026 08:30:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in Chrome Media Enables Arbitrary Code Execution via Crafted HTML
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Wed, 08 Apr 2026 21:30:00 +0000

Type Values Removed Values Added
Description Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-416
References

Subscriptions

Google Chrome
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-04-10T03:55:47.563Z

Reserved: 2026-04-08T19:34:33.573Z

Link: CVE-2026-5866

cve-icon Vulnrichment

Updated: 2026-04-09T15:38:17.375Z

cve-icon NVD

Status : Received

Published: 2026-04-08T22:16:26.130

Modified: 2026-04-09T16:16:34.140

Link: CVE-2026-5866

cve-icon Redhat

Severity : Important

Publid Date: 2026-04-07T00:00:00Z

Links: CVE-2026-5866 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-10T09:40:27Z

Weaknesses