Description
Use after free in Dawn in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Published: 2026-04-15
Score: 8.3 High
EPSS: n/a
KEV: No
Impact: Remote sandbox escape
Action: Patch immediately
AI Analysis

Impact

A use‑after‑free bug was found in Dawn, the graphics engine used by Google Chrome. The flaw allows an attacker who has already compromised the renderer process to free an object and then reference it after it has been deallocated. This can let the attacker run code outside the renderer sandbox, potentially gaining broader system access. The weakness is classified as CWE‑416 and is rated high severity by Chromium.

Affected Systems

The vulnerability affects Google Chrome up to version 147.0.7727.100. Any installation of Chrome prior to 147.0.7727.101 is potentially exposed. This includes desktop builds of Chrome that rely on the Dawn engine for rendering.

Risk and Exploitability

Chromium rates the issue as high security severity, and the CVSS score is 8.3. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires a remote attacker to have already compromised the renderer process, for example via a malicious website or by delivering crafted HTML content that is rendered. Once the renderer is compromised, the use‑after‑free can be leveraged to escape the sandbox and execute code with the privileges of the browser process. This prerequisite reduces the overall likelihood compared to pure remote code execution vulnerabilities, but the impact of a successful exploit is significant.

Generated by OpenCVE AI on April 16, 2026 at 02:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Google Chrome version 147.0.7727.101 or later to apply the vendor fix.
  • If immediate upgrade is not possible, enforce Chrome’s Site Isolation and strict renderer sandboxing settings to limit the damage from any compromised renderer.
  • Monitor browser logs and security alerts for signs of exploitation attempts, and keep the system under a reputable anti‑malware solution.

Generated by OpenCVE AI on April 16, 2026 at 02:24 UTC.

Advisories

No advisories yet.

History

Thu, 16 Apr 2026 02:45:00 +0000

Type | Values Removed | Values Added
Title | | Use-After-Free in Chrome Dawn Enables Remote Sandbox Escape

Wed, 15 Apr 2026 22:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Google; Google chrome
Vendors & Products | | Google; Google chrome

Wed, 15 Apr 2026 21:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 15 Apr 2026 20:30:00 +0000

Type | Values Removed | Values Added
Metrics | | cvssV3_1 {'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H'}


Wed, 15 Apr 2026 19:30:00 +0000

Type | Values Removed | Values Added
Description | | Use after free in Dawn in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Weaknesses | | CWE-416
References

MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-04-16T03:56:06.808Z

Reserved: 2026-04-14T18:12:24.810Z

Link: CVE-2026-6310

Vulnrichment

Updated: 2026-04-15T19:57:53.951Z

NVD

Status: Received

Published: 2026-04-15T20:16:40.530

Modified: 2026-04-15T20:16:40.530

Link: CVE-2026-6310

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T02:30:21Z

Weaknesses