Description
Use after free in CSS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Published: 2026-05-06
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a use‑after‑free flaw in Chrome’s CSS processing that allows execution of arbitrary code inside the browser’s sandbox when an unpatched Chrome version prior to 148.0.7778.96 encounters a crafted HTML page.

Affected Systems

Google Chrome, any operating system, is affected for all releases older than 148.0.7778.96. No other vendors or products are listed.

Risk and Exploitability

The CVSS severity is High, signifying sandbox‑limited code execution. EPSS information is missing and the vulnerability is not listed in the CISA KEV catalog, indicating limited or no public exploitation yet. The likely attack vector is remote via a malicious HTML page, as inferred from the description of a crafted page that triggers the flaw.

Generated by OpenCVE AI on May 7, 2026 at 00:41 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Google Chrome to version 148.0.7778.96 or later, which contains the CSS use‑after‑free fix.
  • Enable automatic updates or manually install the latest Chrome release on all devices.
  • Consider using Chrome Safe Browsing or other web‑content filtering to reduce the risk of opening malicious HTML content.

Generated by OpenCVE AI on May 7, 2026 at 00:41 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6250-1 chromium security update
History

Thu, 07 May 2026 01:00:00 +0000

Type Values Removed Values Added
Title Use‑after‑free in Chrome CSS enables sandboxed code execution

Wed, 06 May 2026 23:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows
CPEs cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows

Wed, 06 May 2026 23:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 06 May 2026 22:45:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Wed, 06 May 2026 22:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

Wed, 06 May 2026 20:45:00 +0000

Type Values Removed Values Added
Title Use‑after‑free in Chrome CSS enables sandboxed code execution

Wed, 06 May 2026 18:30:00 +0000

Type Values Removed Values Added
Description Use after free in CSS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Weaknesses CWE-416
References

Subscriptions

Apple Macos
Google Chrome
Linux Linux Kernel
Microsoft Windows
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-07T03:56:24.293Z

Reserved: 2026-05-05T22:59:14.774Z

Link: CVE-2026-7938

cve-icon Vulnrichment

Updated: 2026-05-06T19:47:21.736Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-06T19:16:42.113

Modified: 2026-05-06T23:34:05.913

Link: CVE-2026-7938

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-07T00:45:16Z

Weaknesses