Description
Use after free in Accessibility in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Published: 2026-05-28
Score: 8.3 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability is a use‑after‑free flaw in the Accessibility component of Google Chrome on Windows. When a renderer process is already compromised, an attacker can deliver a maliciously crafted HTML page that accesses memory after it has been freed, potentially allowing the attacker to escape the renderer sandbox and run code with higher privileges. The weakness maps to CWE‑416 and CWE‑825 and is rated as high severity by Chromium.

Affected Systems

Google Chrome for Windows versions earlier than 148.0.7778.216 are affected. Any Windows installation running a vulnerable Chrome build is at risk. No other operating systems are mentioned in the advisory.

Risk and Exploitability

The advisory marks the issue as high severity, with a CVSS score of 8.3, an EPSS score of < 1%, and it is not listed in the CISA KEV catalog. Exploitation requires an attacker to gain control of the renderer process, which typically involves tricking the browser into loading malicious HTML from a remote or local source. While public exploit evidence is lacking, the potential impact is significant if the conditions are met. The likely attack vector is a remote web page that targets the Accessibility module of Chrome.

Generated by OpenCVE AI on May 29, 2026 at 16:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Google Chrome to version 148.0.7778.216 or newer on all Windows machines.
  • Configure enterprise or group policy settings to enforce automatic Chrome updates within a short window of release.
  • Monitor Chrome release notes and apply security patches as soon as an update becomes available.

Generated by OpenCVE AI on May 29, 2026 at 16:25 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 29 May 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 9.0, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H'}

 ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

cvssV3_1

{'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H'}

Fri, 29 May 2026 12:15:00 +0000

Type Values Removed Values Added
Title chromium-browser: Use after free in Accessibility
Weaknesses CWE-825
References
Metrics threat_severity

None

 cvssV3_1

{'score': 9.0, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H'}

threat_severity

Important

Fri, 29 May 2026 00:45:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Thu, 28 May 2026 22:45:00 +0000

Type Values Removed Values Added
Description Use after free in Accessibility in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-416
References

Subscriptions

Google Chrome
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-30T03:56:29.723Z

Reserved: 2026-05-28T17:24:48.298Z

Link: CVE-2026-9905

cve-icon Vulnrichment

Updated: 2026-05-29T14:45:40.668Z

cve-icon NVD

Status : Undergoing Analysis

Published: 2026-05-28T23:16:48.553

Modified: 2026-05-29T16:16:36.987

Link: CVE-2026-9905

cve-icon Redhat

Severity : Important

Publid Date: 2026-05-27T00:00:00Z

Links: CVE-2026-9905 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-29T16:30:02Z

Weaknesses