Description
Use after free in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Published: 2026-05-28
Score: 9.6 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a use‑after‑free bug in the WebGL component of Google Chrome on Android. An attacker can serve a crafted HTML page that triggers a faulty memory access, potentially allowing the browser to escape its sandbox and execute code with elevated privileges. This flaw is classified as CWE‑416 and CWE‑825, and is rated Critical by Chromium security.

Affected Systems

The flaw affects Google Chrome for Android versions prior to 148.0.7778.216. No higher or lower version range is specified beyond this threshold.

Risk and Exploitability

The vulnerability is not listed in the CISA KEV catalog and the EPSS score is currently unavailable, but it has a CVSS score of 9.6, underscoring its critical severity. The attack vector is inferred to be a remote attacker delivering malicious content via a crafted HTML page. Once exploited, the resulting sandbox escape could give the attacker full control over the device. The absence of an EPSS figure or KEV entry does not reduce the urgency of applying a fix, as the potential impact remains high.

Generated by OpenCVE AI on May 29, 2026 at 14:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the Chrome update shown in the stable‑channel release notes; this patch removes the use‑after‑free in WebGL.
  • If the update cannot be applied immediately, disable WebGL or hardware‑accelerated graphics in Chrome’s experimental settings to reduce the exposed surface.
  • As a temporary mitigation, use a Chrome extension or policy that blocks automatic loading of remote content or restricts WebGL usage within the browser.

Generated by OpenCVE AI on May 29, 2026 at 14:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 29 May 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 29 May 2026 12:15:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in WebGL Allows Sandbox Escape in Chrome for Android chromium-browser: Use after free in WebGL
Weaknesses CWE-825
References
Metrics threat_severity

None

 cvssV3_1

{'score': 9.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H'}

threat_severity

Critical

Fri, 29 May 2026 01:15:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Thu, 28 May 2026 23:45:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in WebGL Allows Sandbox Escape in Chrome for Android

Thu, 28 May 2026 22:45:00 +0000

Type Values Removed Values Added
Description Use after free in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Weaknesses CWE-416
References

Subscriptions

Google Chrome
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-30T03:56:46.944Z

Reserved: 2026-05-28T17:24:41.378Z

Link: CVE-2026-9876

cve-icon Vulnrichment

Updated: 2026-05-29T15:05:55.799Z

cve-icon NVD

Status : Undergoing Analysis

Published: 2026-05-28T23:16:45.543

Modified: 2026-05-29T16:16:33.970

Link: CVE-2026-9876

cve-icon Redhat

Severity : Critical

Publid Date: 2026-05-27T00:00:00Z

Links: CVE-2026-9876 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-29T14:30:37Z

Weaknesses