Description
Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Published: 2026-05-20
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a use‑after‑free bug in the DOM implementation of Google Chrome. A malicious web page can trigger a memory deallocation error that allows the attacker to execute arbitrary code inside the browser’s sandbox. Because the code runs with sandbox privileges, the attacker can compromise the sandbox environment and potentially elevate privileges, exfiltrate data, or pivot to other parts of the system, depending on other system defenses.

Affected Systems

Google Chrome is affected in all releases prior to version 148.0.7778.179. The issue resides in the core DOM engine, so any Chrome installation that has not yet applied the 148.0.7778.179 fix is vulnerable, across Windows, macOS, Linux, Android, and other platforms via the stable channel.

Risk and Exploitability

The bug allows a remote attacker to exploit vulnerable Chrome by serving a specially crafted HTML page, which can be hosted under attacker control or delivered through phishing. Exploitation requires the user to load or render the malicious page. Chromium rates the severity as Medium, the EPSS score is < 1% (0.0003), and the vulnerability is not listed in the CISA KEV catalog. The CVSS score is 8.8, and the need for user interaction and sandbox containment reduces risk, yet arbitrary code execution inside the browser demands a high priority response.

Generated by OpenCVE AI on May 29, 2026 at 03:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Google Chrome to version 148.0.7778.179 or later.
  • If an update is impossible, disable the affected functionality through browser settings or policy overrides, if available.
  • Enable automatic updates on all Chrome installations to receive future security patches as soon as they are released.

Generated by OpenCVE AI on May 29, 2026 at 03:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6287-1 chromium security update
History

Fri, 29 May 2026 00:15:00 +0000

Type Values Removed Values Added
Title chromium-browser: Use after free in DOM
Weaknesses CWE-364
References
Metrics threat_severity

None

 threat_severity

Moderate

Thu, 21 May 2026 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows
CPEs cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows

Wed, 20 May 2026 21:00:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Wed, 20 May 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 20 May 2026 19:30:00 +0000

Type Values Removed Values Added
Description Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Weaknesses CWE-416
References

Subscriptions

Apple Macos
Google Chrome
Linux Linux Kernel
Microsoft Windows
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-21T13:04:36.679Z

Reserved: 2026-05-20T17:47:38.981Z

Link: CVE-2026-9126

cve-icon Vulnrichment

Updated: 2026-05-20T19:35:13.851Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-20T20:16:45.540

Modified: 2026-06-05T17:20:47.660

Link: CVE-2026-9126

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-05-19T00:00:00Z

Links: CVE-2026-9126 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-29T04:00:13Z

Weaknesses