Description
Use after free in UI in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Published: 2026-05-28
Score: 8.3 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A use‑after‑free flaw in Chrome’s UI on Windows allows an attacker who has compromised the renderer process to escape the browser sandbox, a high‑severity vulnerability classified as CWE‑416 and CWE‑825.

Affected Systems

Google Chrome on Windows, with versions older than 148.0.7778.216, is affected.

Risk and Exploitability

The CVSS score of 8.3 indicates high severity, while the EPSS score of <1% suggests exploitation is rare as of now. The vulnerability is not listed in CISA KEV. The attack vector requires a prior compromise of the renderer process, most likely via a malicious HTML page delivered by a remote site. If exploited, the attacker could gain privileges on the host system.

Generated by OpenCVE AI on May 29, 2026 at 16:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Chrome to version 148.0.7778.216 or newer.
  • Disable third‑party extensions and reduce JavaScript exposure on untrusted sites to limit renderer privileges.
  • Use Chrome’s Safe Browsing and restrict file downloads, and consider disabling remote debugging if available.

Generated by OpenCVE AI on May 29, 2026 at 16:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 29 May 2026 17:00:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft
Microsoft windows
CPEs cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft windows

Fri, 29 May 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 9.0, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H'}

 ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

cvssV3_1

{'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H'}

Fri, 29 May 2026 12:15:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in Chrome UI May Enable Renderer Sandbox Escape on Windows chromium-browser: Use after free in UI
Weaknesses CWE-825
References
Metrics threat_severity

None

 cvssV3_1

{'score': 9.0, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H'}

threat_severity

Important

Fri, 29 May 2026 01:15:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in Chrome UI May Enable Renderer Sandbox Escape on Windows

Fri, 29 May 2026 00:15:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Thu, 28 May 2026 22:45:00 +0000

Type Values Removed Values Added
Description Use after free in UI in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-416
References

Subscriptions

Google Chrome
Microsoft Windows
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-29T14:41:21.736Z

Reserved: 2026-05-28T17:24:55.367Z

Link: CVE-2026-9937

cve-icon Vulnrichment

Updated: 2026-05-29T14:41:18.330Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-28T23:16:51.830

Modified: 2026-05-29T16:52:33.860

Link: CVE-2026-9937

cve-icon Redhat

Severity : Important

Publid Date: 2026-05-27T00:00:00Z

Links: CVE-2026-9937 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-29T16:30:02Z

Weaknesses