Use After Free (CWE-416)
8.3
CVSS 3.1 · Vendor: Chrome
Share
Severity by source
Vendor (Chrome)
PRIMARY
8.3
HIGH
AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
SUSE
CRITICAL
qualitative
Red Hat
8.3
HIGH
qualitative
Primary rating from Vendor (Chrome).
CVSS VectorVendor: Chrome
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High
Lifecycle Timeline
1
CVE Published
Jun 11, 2026 - 20:48 cve.org
UNKNOWN (no severity yet)
DescriptionCVE.org
Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. (Chromium security severity: High)
Analysis
Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. (Chromium security severity: High)
Same weakness CWE-416 – Use After Free
View allSame technique Use After Free
View allVendor StatusVendor
SUSE
Severity: Critical| Product | Status |
|---|---|
| SUSE Package Hub 15 SP7 | Fixed |
| openSUSE Tumbleweed | Fixed |
| SUSE Package Hub 15 SP7 | Affected |
Share
External POC / Exploit Code
Leaving vuln.today
Destination URL
POC code from unknown sources may be malicious, contain backdoors, or be fake.
Always review and test exploit code in a safe, isolated environment (VM/sandbox).
Verify the source reputation and cross-reference with known databases (Exploit-DB, GitHub Security).
EUVD-2026-36335
GHSA-p379-73vv-4h7j