Description
Use after free in Animation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Published: 2026-04-28
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A use‑after‑free flaw exists in the Animation subsystem of Google Chrome versions prior to 147.0.7727.138. When a crafted HTML page is rendered, the browser can execute arbitrary code inside its sandboxed process, bypassing isolation safeguards. This is a high‑severity vulnerability defined by CWE‑416, which can lead to remote code execution when the attacker controls page content.

Affected Systems

The flaw affects all desktop installations of Google Chrome that use the legacy snapshot of the Animation module, specifically any release before 147.0.7727.138. The vulnerability is scoped to the rendering engine in Chrome’s stable channel and applies uniformly across supported operating systems that run the affected Chrome binary.

Risk and Exploitability

The CVSS score is 8.8, indicating a high severity for this misuse. The vulnerability allows a remote attacker to trigger exploit by loading a crafted HTML page, resulting in code execution inside Chrome’s sandbox. Although the attack requires interacting with the page, the high CVSS score and lack of a KEV listing suggest that exploitation remains possible if patching is delayed. The EPSS score is < 1%.

Generated by OpenCVE AI on April 29, 2026 at 21:34 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest Chrome update (147.0.7727.138 or newer) to eliminate the use‑after‑free bug.
  • Configure Chrome to receive automatic updates so future patches are applied promptly.
  • Restrict or monitor access to local or untrusted HTML files that could be used to exercise the flaw—use policy or sandbox settings to limit rendering of untrusted content.

Generated by OpenCVE AI on April 29, 2026 at 21:34 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 29 Apr 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 9.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H'}

 ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

Wed, 29 Apr 2026 12:15:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in Chrome Animation Component Enables Remote Code Execution chromium-browser: Use after free in Animation
Weaknesses CWE-825
References
Metrics threat_severity

None

 cvssV3_1

{'score': 9.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H'}

threat_severity

Important

Wed, 29 Apr 2026 01:30:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in Chrome Animation Component Enables Remote Code Execution
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Tue, 28 Apr 2026 23:00:00 +0000

Type Values Removed Values Added
Description Use after free in Animation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-416
References

Subscriptions

Google Chrome
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-04-30T03:55:37.852Z

Reserved: 2026-04-28T20:02:47.142Z

Link: CVE-2026-7358

cve-icon Vulnrichment

Updated: 2026-04-29T18:14:55.281Z

cve-icon NVD

Status : Received

Published: 2026-04-28T23:16:23.357

Modified: 2026-04-29T21:16:21.917

Link: CVE-2026-7358

cve-icon Redhat

Severity : Important

Publid Date: 2026-04-28T00:00:00Z

Links: CVE-2026-7358 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-29T21:45:20Z

Weaknesses