Description
Use after free in Glic in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Published: 2026-05-28
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a use‑after‑free flaw in the Glic component of Google Chrome, classified as CWE‑416 and CWE‑825. It allows a remote attacker to craft an HTML page that, when opened in the browser, triggers the use‑after‑free and causes the browser to execute arbitrary code while operating inside its sandbox.

Affected Systems

The flaw affects all editions of Google Chrome running any version older than 148.0.7778.216. This includes the stable channel, beta, dev, and canary builds that have not yet received the 148.0.7778.216 update. Users on Windows, macOS, and Linux platforms are susceptible, as the vulnerability is in the core Chromium rendering engine shared across platforms.

Risk and Exploitability

Chromium has labeled the severity as High. The CVSS base score is 8.8, indicating high severity. The EPSS score is 0.0008, showing a very low probability of exploitation. The vulnerability is not listed in the CISA KEV catalog. Based on the description, it is inferred that the likely attack vector is a remote attacker delivering a crafted HTML page to a user’s browser, suggesting that the flaw is exploitable when users access malicious or compromised web content. Because sandboxing limits the damage, the impact is mitigated compared to an arbitrary‑code execution that escapes sandbox boundaries, yet the ability to run code inside the browser remains a serious threat.

Generated by OpenCVE AI on May 29, 2026 at 14:57 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Google Chrome to version 148.0.7778.216 or newer, which removes the Glic use‑after‑free bug.
  • Ensure that Chrome’s sandbox features remain enabled, as they contain any code that does get executed within the browser’s child processes.
  • Limit installed extensions to those that are essential, and use the least‑privilege permissions model to reduce the risk that an extension could be co‑opted to exploit the flaw.

Generated by OpenCVE AI on May 29, 2026 at 14:57 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 29 May 2026 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows
CPEs cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows

Fri, 29 May 2026 12:15:00 +0000

Type Values Removed Values Added
Title Use‑after‑Free in Chrome Glic Component Enables Remote Code Execution in Sandbox chromium-browser: Use after free in Glic
Weaknesses CWE-825
References
Metrics threat_severity

None

 threat_severity

Important

Fri, 29 May 2026 11:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 29 May 2026 02:30:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Fri, 29 May 2026 01:15:00 +0000

Type Values Removed Values Added
Title Use‑after‑Free in Chrome Glic Component Enables Remote Code Execution in Sandbox

Thu, 28 May 2026 22:45:00 +0000

Type Values Removed Values Added
Description Use after free in Glic in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-416
References

Subscriptions

Apple Macos
Google Chrome
Linux Linux Kernel
Microsoft Windows
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-29T10:58:24.293Z

Reserved: 2026-05-28T17:25:06.406Z

Link: CVE-2026-9978

cve-icon Vulnrichment

Updated: 2026-05-29T10:24:56.974Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-28T23:16:56.027

Modified: 2026-05-29T16:43:30.273

Link: CVE-2026-9978

cve-icon Redhat

Severity : Important

Publid Date: 2026-05-27T00:00:00Z

Links: CVE-2026-9978 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-29T15:00:17Z

Weaknesses