Skip to main content

Google Chrome EUVDEUVD-2026-40531

| CVE-2026-13845 HIGH
Use After Free (CWE-416)
2026-06-30 chrome-cve-admin@google.com GHSA-j88h-8hg6-4p3w
8.8
CVSS 3.1 · Vendor: google
Share

Severity by source

Vendor (google) PRIMARY
8.8 HIGH
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vuln.today AI
8.8 HIGH

Remote crafted page needs a victim visit (UI:R) and no privileges (PR:N); impact is high but sandbox-confined so scope stays Unchanged (S:U).

3.1 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
SUSE
HIGH
qualitative

Primary rating from Vendor (google).

CVSS VectorVendor: google

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
Jul 01, 2026 - 14:23 vuln.today
CVSS changed
Jul 01, 2026 - 14:22 NVD
8.8 (HIGH)
CVE Published
Jun 30, 2026 - 23:16 cve.org
UNKNOWN (no severity yet)
CVE Published
Jun 30, 2026 - 23:16 cve.org
HIGH 8.8

DescriptionCVE.org

Use after free in DOM in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

AnalysisAI

Arbitrary code execution in Google Chrome's DOM implementation lets a remote attacker run code within the renderer sandbox by luring a victim to a crafted HTML page. All desktop Chrome builds before 150.0.7871.47 are affected; Chromium rates the flaw High severity. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Lure victim to crafted HTML page
Delivery
Page JavaScript triggers DOM use-after-free
Exploit
Heap groomed to reclaim freed object
Execution
Corrupt memory and hijack control flow
Impact
Execute arbitrary code within renderer sandbox

Vulnerability AssessmentAI

Exploitation Exploitation requires the victim to actively load attacker-controlled web content in a vulnerable Chrome build (UI:R - the crafted HTML page must be visited/rendered); no authentication or prior privileges are needed (PR:N). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, score 8.8) reflects network reach, low complexity, no privileges, and full impact, tempered by required user interaction (visiting a page). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker hosts or injects a malicious HTML page (via a compromised site, malvertising, or a phishing link) that triggers the DOM use-after-free when rendered. When a victim running a vulnerable Chrome version visits the page, the freed-object reuse corrupts memory and executes attacker-controlled code within the renderer sandbox, which could then be paired with a separate sandbox-escape for full compromise. …
Remediation Vendor-released patch: upgrade Google Chrome to 150.0.7871.47 or later on all desktop platforms, per the Chrome Releases advisory (https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html); most installations update automatically, but verify via chrome://settings/help and relaunch to apply, since the fix is inert until restart. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

24 hours: inventory all Chrome versions in use across desktop endpoints and assess your patch management infrastructure. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Important
Product Status
SUSE Package Hub 15 SP7 Fixed
openSUSE Tumbleweed Fixed
SUSE Package Hub 15 SP7 Affected

Share

EUVD-2026-40531 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy