Skip to main content

Google Chrome CVE-2026-13879

| EUVDEUVD-2026-40565 MEDIUM
Use After Free (CWE-416)
2026-06-30 chrome-cve-admin@google.com GHSA-4ccf-vvrm-fqpq
6.5
CVSS 3.1 · Vendor: google
Share

Severity by source

Vendor (google) PRIMARY
6.5 MEDIUM
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
vuln.today AI
6.5 MEDIUM

Bluetooth adjacency mandates physical proximity; no attacker auth needed; impact is process memory read only, no integrity or availability loss.

3.1 AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.0 AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
SUSE
MEDIUM
qualitative

Primary rating from Vendor (google).

CVSS VectorVendor: google

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

4
Analysis Generated
Jul 01, 2026 - 02:25 vuln.today
CVSS changed
Jul 01, 2026 - 02:22 NVD
6.5 (MEDIUM)
CVE Published
Jun 30, 2026 - 23:17 cve.org
UNKNOWN (no severity yet)
CVE Published
Jun 30, 2026 - 23:17 cve.org
MEDIUM 6.5

DescriptionCVE.org

Use after free in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious peripheral. (Chromium security severity: Medium)

AnalysisAI

Use-after-free in Google Chrome's Bluetooth subsystem (all versions prior to 150.0.7871.47) enables an unauthenticated attacker within Bluetooth radio range to leak sensitive data from Chrome's process memory by operating a malicious Bluetooth peripheral. The CVSS vector (AV:A/PR:N/UI:N/C:H) confirms no attacker-side authentication is required and impact is confidentiality-only, with no integrity or availability loss. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Position rogue Bluetooth device within radio range
Delivery
Initiate Bluetooth connection or service discovery with target Chrome instance
Exploit
Send crafted Bluetooth protocol messages to trigger use-after-free in Chrome Bluetooth stack
Execution
Read contents of freed process memory region
Impact
Exfiltrate sensitive in-memory browser data

Vulnerability AssessmentAI

Exploitation The victim must be running Google Chrome prior to version 150.0.7871.47 with Bluetooth hardware present and enabled at the OS level. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The provided CVSS 6.5 vector (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) is internally consistent with the description: adjacency constrains the attack to Bluetooth radio range, AC:L indicates low operational complexity once in range, and PR:N/UI:N confirm no victim cooperation or attacker authentication is needed. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker positions a rogue Bluetooth device - such as a modified microcontroller or a laptop running custom Bluetooth firmware - within radio range (typically up to 10 meters for Class 2 devices) of a target running unpatched Chrome. The rogue peripheral sends specially crafted Bluetooth protocol messages during the connection or service-discovery phase, triggering the use-after-free condition in Chrome's Bluetooth subsystem. …
Remediation Update Google Chrome to version 150.0.7871.47 or later immediately via Chrome's built-in update mechanism (Settings > Help > About Google Chrome) or by referencing the stable channel advisory at http://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
SUSE Package Hub 15 SP7 Fixed
openSUSE Tumbleweed Fixed
SUSE Package Hub 15 SP7 Affected

Share

CVE-2026-13879 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy