Skip to main content

Google Chrome EUVDEUVD-2026-34357

| CVE-2026-10908 HIGH
Use After Free (CWE-416)
2026-06-04 chrome-cve-admin@google.com GHSA-whc8-7pcg-p626
8.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.3 HIGH
AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
SUSE
HIGH
qualitative
Red Hat
9.0 HIGH
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
CVE Published
Jun 22, 2026 - 06:03 cve.org
HIGH 8.3
Analysis Generated
Jun 05, 2026 - 02:31 vuln.today
CVSS changed
Jun 05, 2026 - 02:22 NVD
8.3 (HIGH)
CVE Published
Jun 04, 2026 - 23:16 nvd
UNKNOWN (no severity yet)

DescriptionCVE.org

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

AnalysisAI

Sandbox escape in Google Chrome on Windows prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page exploiting a use-after-free condition in the FullScreen component. Rated High severity by Chromium with a CVSS of 8.3, the flaw requires user interaction and high attack complexity, and no public exploit identified at time of analysis. The vendor has issued a stable channel update addressing the issue.

Technical ContextAI

The vulnerability is a CWE-416 (Use-After-Free) memory corruption bug located in the FullScreen subsystem of Chromium, the browser engine underlying Google Chrome. Use-after-free occurs when memory is referenced after it has been deallocated, allowing an attacker to manipulate freed memory regions to corrupt object state, hijack virtual function calls, or achieve arbitrary read/write primitives. In Chrome's multi-process architecture, the renderer process is sandboxed via Windows job objects and integrity levels to contain web content, so a UAF in browser-process code reachable from the renderer (such as the FullScreen IPC surface) becomes a privileged-boundary bug usable as the second stage of a full sandbox escape chain.

RemediationAI

Upgrade Google Chrome on Windows to version 149.0.7827.53 or later via the Stable channel update referenced in the Chrome Releases advisory (https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop.html); enterprise administrators should push the update through Group Policy, Chrome Browser Cloud Management, or their endpoint management platform and force a browser restart to apply the patch. If immediate patching is not possible, compensating controls include disabling the Fullscreen API via the FullscreenAllowedForUrls / DefaultFullscreenSetting enterprise policies (trade-off: breaks legitimate video, presentation, and game web apps), restricting browsing to a strict allowlist of trusted sites, and enforcing Site Isolation plus the Windows renderer App Container sandbox (already default in modern Chrome) to raise the cost of the prerequisite renderer compromise. Users of downstream Chromium browsers should watch for and apply their vendor's corresponding security update; the Chromium issue tracker entry at https://issues.chromium.org/issues/505045913 may remain access-restricted until broad patch deployment.

Vendor StatusVendor

SUSE

Severity: High
Product Status
openSUSE Tumbleweed Fixed

Share

EUVD-2026-34357 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy