Description
Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Published: 2026-05-14
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a use‑after‑free bug in Chrome’s Media code, permitting a remote attacker to cause arbitrary code execution inside a sandboxed browser context through a crafted HTML page. The flaw involves freeing a resource that is later accessed again, leading to memory corruption. This can compromise the confidentiality, integrity, and availability of the user’s device if the attacker’s code runs with the privileges of the sandboxed process.

Affected Systems

Google Chrome users running any version of the stable channel older than 148.0.7778.168 are impacted.

Risk and Exploitability

The vulnerability has a CVSS score of 8.8, indicating high severity according to Chromium’s security team. Although EPSS information is not available and the issue is not listed in the KEV catalog, the lack of exploitation data does not diminish the potential damage if an attacker supplies a malicious page. The attack vector is inferred to be a crafted HTML document accessed over the normal HTTPS or HTTP traffic. Successful exploitation would allow the attacker to inject code that runs in the browser’s sandboxed environment, potentially escalating privileges or exfiltrating data if combined with other weaknesses.

Generated by OpenCVE AI on May 15, 2026 at 13:41 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Google Chrome to version 148.0.7778.168 or newer.
  • Enable automatic updates to receive future security patches automatically.
  • Until the patch is applied, avoid visiting untrusted web sites that may host malicious HTML content.

Generated by OpenCVE AI on May 15, 2026 at 13:41 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6273-1 chromium security update
History

Fri, 15 May 2026 12:15:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in Chrome Media Enabling Remote Code Execution via Crafted HTML chromium-browser: chromium-browser: Use after free in Media
Weaknesses CWE-825
References
Metrics threat_severity

None

 threat_severity

Important

Thu, 14 May 2026 22:30:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in Chrome Media Enabling Remote Code Execution via Crafted HTML

Thu, 14 May 2026 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Thu, 14 May 2026 21:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 14 May 2026 20:15:00 +0000

Type Values Removed Values Added
Description Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-416
References

Subscriptions

Google Chrome
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-15T03:56:28.566Z

Reserved: 2026-05-14T05:40:19.822Z

Link: CVE-2026-8549

cve-icon Vulnrichment

Updated: 2026-05-14T20:36:50.459Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-14T20:17:15.807

Modified: 2026-05-14T21:19:23.923

Link: CVE-2026-8549

cve-icon Redhat

Severity : Important

Publid Date: 2026-05-14T19:52:25Z

Links: CVE-2026-8549 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-15T13:45:16Z

Weaknesses