Description
Use after free in Aura in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Published: 2026-05-14
Score: 8.3 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A use‑after‑free flaw was discovered in Aura, the graphics subsystem of Google Chrome. In affected versions, a crafted HTML page that is loaded by a renderer process can trigger the program to reference freed memory. If successfully triggered, the vulnerability can allow the compromised renderer to bypass the sandbox, potentially executing arbitrary code on the host system. The weakness is classified as CWE‑416 and CWE‑825 and is rated as Chromium security severity Critical.

Affected Systems

Google Chrome versions prior to 148.0.7778.168 are affected. Users running the stable channel of Chrome older than this release are at risk until they upgrade.

Risk and Exploitability

The CVSS base score for the vulnerability is 8.3, indicating high severity due to its sandbox escape potential. No EPSS score is available, and the vulnerability is not listed in CISA’s KEV catalog. Exploitation requires a remote party to serve a malicious page that can be rendered by a compromised renderer process, making the attack vector remote. Once executed, the sandbox escape permits the attacker to compromise the integrity, confidentiality and availability of the host system.

Generated by OpenCVE AI on May 15, 2026 at 13:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Google Chrome to version 148.0.7778.168 or newer to eliminate the use‑after‑free bug
  • Enable Chrome’s strong site isolation settings to ensure each renderer runs in its own distinct sandbox layout
  • Verify that JavaScript and HTML content from untrusted sources is served over HTTPS and filtered by an up‑to‑date security policy

Generated by OpenCVE AI on May 15, 2026 at 13:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6273-1 chromium security update
History

Fri, 15 May 2026 12:15:00 +0000

Type Values Removed Values Added
Title Use-After-Free in Chrome Aura Allows Sandbox Escape via Malicious HTML chromium-browser: chromium-browser: Use after free in Aura
Weaknesses CWE-825
References
Metrics threat_severity

None

 threat_severity

Critical

Thu, 14 May 2026 23:00:00 +0000

Type Values Removed Values Added
Title Use-After-Free in Chrome Aura Allows Sandbox Escape via Malicious HTML

Thu, 14 May 2026 22:45:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Thu, 14 May 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 14 May 2026 20:15:00 +0000

Type Values Removed Values Added
Description Use after free in Aura in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Weaknesses CWE-416
References

Subscriptions

Google Chrome
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-15T03:56:56.749Z

Reserved: 2026-05-14T05:40:11.408Z

Link: CVE-2026-8514

cve-icon Vulnrichment

Updated: 2026-05-14T21:03:56.589Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-14T20:17:12.087

Modified: 2026-05-14T22:16:45.703

Link: CVE-2026-8514

cve-icon Redhat

Severity : Critical

Publid Date: 2026-05-14T19:52:12Z

Links: CVE-2026-8514 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-15T13:30:45Z

Weaknesses