Description
Use after free in iOS in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
Published: 2026-04-28
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A use-after-free flaw in Google Chrome for iOS enables a remote attacker to trigger heap corruption through a specially crafted HTML page. The resulting heap corruption can lead to arbitrary memory reads or writes, which may ultimately allow arbitrary code execution on the device. The weakness is classified as CWE-416 (Use After Free), a memory management error in which memory is accessed again after it has been freed.

Affected Systems

Google Chrome on iOS is affected. All releases prior to version 147.0.7727.138 contain the flaw, so users running those builds are exposed.

Risk and Exploitability

The CVSS score is 8.8, the EPSS score is below 1%, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is a malicious HTML page loaded in the browser: no authentication or local privilege escalation is required, although the CVSS vector (UI:R) indicates that a user must open the page. Because Chromium assigned a critical severity, the risk remains high until the patch is applied.

Generated by OpenCVE AI on April 29, 2026 at 17:12 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Google Chrome on iOS to version 147.0.7727.138 or newer.
  • Disable or restrict the execution of untrusted HTML content, for example by using content-security-policy settings or extensions that block external scripts, as a temporary measure.
  • Configure the iOS device to automatically install the latest Chrome updates and verify that the app’s update setting is enabled.

Advisories

Source: Debian DSA
ID: DSA-6239-1
Title: chromium security update

History

Thu, 30 Apr 2026 16:45:00 +0000

Type: First Time appeared
  Values Added: Apple, Apple macos, Linux, Linux linux Kernel, Microsoft, Microsoft windows

Type: CPEs
  Values Added:
    cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Type: Vendors & Products
  Values Added: Apple, Apple macos, Linux, Linux linux Kernel, Microsoft, Microsoft windows

Wed, 29 Apr 2026 14:15:00 +0000

Type: Metrics
  Values Removed:
    cvssV3_1: {'score': 9.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H'}
  Values Added:
    ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}
    cvssV3_1: {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

Wed, 29 Apr 2026 12:15:00 +0000

Type: Title
  Values Added: chromium-browser: chromium-browser: Use after free in iOS

Type: References

Type: Metrics
  Values Removed:
    threat_severity: None
  Values Added:
    cvssV3_1: {'score': 9.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H'}
    threat_severity: Important

Wed, 29 Apr 2026 01:00:00 +0000

Type: First Time appeared
  Values Added: Google, Google chrome

Type: Vendors & Products
  Values Added: Google, Google chrome

Tue, 28 Apr 2026 23:00:00 +0000

Type: Description
  Values Added: Use after free in iOS in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Type: Weaknesses
  Values Added: CWE-416

Type: References

MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-04-30T03:55:44.222Z

Reserved: 2026-04-28T20:02:49.424Z

Link: CVE-2026-7361

Vulnrichment

Updated: 2026-04-29T13:12:49.490Z

NVD

Status: Analyzed

Published: 2026-04-28T23:16:23.680

Modified: 2026-04-30T16:37:31.450

Link: CVE-2026-7361

Redhat

Severity: Important

Public Date: 2026-04-28T00:00:00Z

Links: CVE-2026-7361 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-29T17:15:16Z

Weaknesses