Description
Use after free in Fullscreen in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Published: 2026-05-06
Score: 8.3 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A use‑after‑free flaw in the Fullscreen handling of Google Chrome for Windows allows an attacker who has already compromised the renderer process to escape the browser sandbox. The vulnerability is a classic CWE‑416 scenario that can give the attacker full control of the host system, effectively turning the compromised browser into a privilege escalation vector. The impact is therefore a high‑severity remote code execution.

Affected Systems

Google Chrome versions for Windows earlier than 148.0.7778.96 are affected. The flaw lies within the fullscreen feature and is present across all builds of the Chrome stable channel before the specified update.

Risk and Exploitability

The issue is rated high severity by Chromium’s security team, though the EPSS score is not yet available. The CVSS score is 8.3. It is not listed in the CISA KEV catalog at present. Because exploitation requires the attacker to first gain control of the renderer process and then deliver a specially crafted HTML page that triggers the use‑after‑free, the attack is plausible but may demand a sophisticated delivery chain. Nevertheless, the potential for complete system compromise warrants a proactive response.

Generated by OpenCVE AI on May 6, 2026 at 23:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Google Chrome to version 148.0.7778.96 or newer to incorporate the memory‑management fix.
  • If an immediate update is not possible, disable the Fullscreen API via Chrome enterprise policy or the `--disable-features=FullscreenAPI` flag to prevent the flaw from being triggered.
  • Monitor Chrome renderer processes for abnormal crashes or privilege‑escalation activity, and keep system logs enabled for forensic readiness.

Generated by OpenCVE AI on May 6, 2026 at 23:37 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 07 May 2026 00:00:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in Chrome Fullscreen Enables Sandbox Escape

Wed, 06 May 2026 23:45:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft
Microsoft windows
CPEs cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft windows

Wed, 06 May 2026 23:15:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 06 May 2026 22:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H'}

Wed, 06 May 2026 20:15:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in Chrome Fullscreen Enables Sandbox Escape

Wed, 06 May 2026 18:30:00 +0000

Type Values Removed Values Added
Description Use after free in Fullscreen in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-416
References

Subscriptions

Google Chrome
Microsoft Windows
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-07T03:56:45.791Z

Reserved: 2026-05-05T22:59:08.719Z

Link: CVE-2026-7917

cve-icon Vulnrichment

Updated: 2026-05-06T20:41:59.473Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-06T19:16:39.970

Modified: 2026-05-06T23:39:31.057

Link: CVE-2026-7917

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-06T23:45:06Z

Weaknesses