Skip to main content

Google Chrome CVE-2026-14398

| EUVDEUVD-2026-41196 CRITICAL
Use After Free (CWE-416)
2026-07-01 Chrome GHSA-jcwp-jr96-x94x
9.6
CVSS 3.1 · Vendor: Chrome
Share

Severity by source

Vendor (Chrome) PRIMARY
9.6 CRITICAL
AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
vuln.today AI
9.6 CRITICAL

Remote crafted page needs user interaction (UI:R); a use-after-free sandbox escape causes a scope change (S:C) with full memory-control impact across C/I/A.

3.1 AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
SUSE
CRITICAL
qualitative

Primary rating from Vendor (Chrome).

CVSS VectorVendor: Chrome

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
Jul 02, 2026 - 01:27 vuln.today
CVSS changed
Jul 02, 2026 - 00:22 NVD
9.6 (CRITICAL)
CVE Published
Jul 01, 2026 - 22:22 cve.org
CRITICAL 9.6
CVE Published
Jul 01, 2026 - 22:22 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

AnalysisAI

Sandbox escape in Google Chrome's ANGLE graphics layer prior to version 150.0.7871.46 lets a remote attacker break out of the renderer sandbox when a victim opens a crafted HTML page. Rated Critical by Chromium with a 9.6 CVSS score, the flaw is a use-after-free (CWE-416) requiring only that the target visit a malicious site. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Lure victim to malicious HTML page
Delivery
Page triggers WebGL/ANGLE processing
Exploit
Trigger use-after-free in ANGLE
Execution
Corrupt heap and hijack execution
Impact
Escape renderer sandbox to host context

Vulnerability AssessmentAI

Exploitation Exploitation requires the victim to open an attacker-controlled crafted HTML page in a vulnerable Chrome build (before 150.0.7871.46), so user interaction is mandatory (UI:R) - there is no zero-click path. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals conflict in an important way. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker hosts a malicious web page containing crafted content that triggers the use-after-free in ANGLE, then lures a victim running an unpatched Chrome to visit it (e.g., via phishing or a malvertising redirect). When the page renders, the freed-then-reused memory is manipulated to corrupt the graphics context and escape the renderer sandbox, giving the attacker execution at a higher privilege level on the host. …
Remediation Vendor-released patch: 150.0.7871.46 - upgrade Google Chrome to 150.0.7871.46 or later on all desktop platforms and relaunch the browser to apply the update (Chrome auto-updates but requires a restart to complete). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all Chrome deployments and identify systems running versions prior to 150.0.7871.46. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Critical
Product Status
SUSE Package Hub 15 SP7 Fixed
openSUSE Tumbleweed Fixed
SUSE Package Hub 15 SP7 Affected

Share

CVE-2026-14398 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy