Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Local malicious peripheral (AV:L) with no privileges but required user authorization of the device (UI:R); memory corruption yields full code execution, so C/I/A all High.
Primary rating from Vendor (google).
CVSS VectorVendor: google
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
Use after free in WebUSB in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via a malicious peripheral. (Chromium security severity: Critical)
AnalysisAI
Local arbitrary code execution in Google Chrome for macOS (versions prior to 150.0.7871.47) stems from a use-after-free in the WebUSB implementation, which Chromium rates Critical. A local attacker who can present a malicious USB peripheral to a victim who authorizes it can corrupt renderer memory and run attacker-controlled code within the browser's context. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the WebUSB feature to be reachable and a malicious USB peripheral that the victim explicitly authorizes: the victim must be running Chrome on macOS below 150.0.7871.47, must interact with a page that invokes WebUSB, and must grant the per-device permission prompt (UI:R) for the attacker's peripheral (AV:L, local peripheral access). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, base 7.8 High) indicates local attack vector with no privileges but required user interaction, high impact to confidentiality, integrity, and availability. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker supplies or connects a malicious USB peripheral (or a device that emulates one) to a macOS system running a vulnerable Chrome, and lures the user to a page that requests WebUSB access to it; when the user grants the permission prompt, crafted device responses trigger the use-after-free and execute code in Chrome's process. Given AV:L and UI:R, the attack requires local peripheral presence and a user authorization step, and no public exploit code is currently known. |
| Remediation | Vendor-released patch: update Google Chrome on macOS to 150.0.7871.47 or later, as delivered through the stable channel update announced at https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html; restart the browser to ensure the update applies. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Audit Chrome versions on macOS systems using endpoint management or MDM tools to identify vulnerable versions (all prior to 150.0.7871.47). …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-416 – Use After Free
View allSame technique Memory Corruption
View allVendor StatusVendor
SUSE
Severity: Important| Product | Status |
|---|---|
| SUSE Package Hub 15 SP7 | Fixed |
| openSUSE Tumbleweed | Fixed |
| SUSE Package Hub 15 SP7 | Affected |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-40464
GHSA-wh8g-jghw-8946