Skip to main content

Google Chrome EUVDEUVD-2026-40715

| CVE-2026-14027 HIGH
Use After Free (CWE-416)
2026-06-30 chrome-cve-admin@google.com GHSA-2xhc-pmcp-mwpw
8.8
CVSS 3.1 · Vendor: google
Share

Severity by source

Vendor (google) PRIMARY
8.8 HIGH
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vuln.today AI
8.8 HIGH

Network-delivered via crafted page (AV:N) with no privileges (PR:N) but requiring victim UI gestures (UI:R); heap-corruption-to-RCE justifies C/I/A:H, though 'specific gestures' arguably approaches AC:H.

3.1 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
SUSE
HIGH
qualitative

Primary rating from Vendor (google).

CVSS VectorVendor: google

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
Jul 01, 2026 - 15:32 vuln.today
CVSS changed
Jul 01, 2026 - 15:22 NVD
8.8 (HIGH)
CVE Published
Jun 30, 2026 - 23:17 cve.org
HIGH 8.8
CVE Published
Jun 30, 2026 - 23:17 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

Use after free in SignIn in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)

AnalysisAI

Use-after-free in Google Chrome's SignIn component (versions prior to 150.0.7871.47) allows a remote attacker to trigger heap corruption and potentially achieve code execution after luring a victim to a crafted HTML page and performing specific UI gestures. No public exploit was identified at time of analysis, and with an EPSS of 0.17% (7th percentile) and Chromium-rated 'Low' severity, near-term mass exploitation appears unlikely despite the high 8.8 CVSS. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Lure user to crafted HTML page
Delivery
Induce specific SignIn UI gestures
Exploit
Trigger use-after-free in SignIn
Execution
Reclaim freed heap object
Persist
Corrupt heap for control-flow hijack
Impact
Attempt code execution in browser

Vulnerability AssessmentAI

Exploitation Exploitation requires the victim to load an attacker-crafted HTML page AND to perform specific UI gestures that drive the vulnerable SignIn/account flow - the description explicitly conditions the bug on the user being convinced 'to engage in specific UI gestures,' which is a stronger prerequisite than the generic UI:R in the CVSS vector. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The signals here are notably in tension. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker hosts a malicious web page and, via social engineering (phishing link, malvertising), lures a Chrome user to it and prompts them into the specific UI gestures involving the sign-in flow that trigger the use-after-free. The freed SignIn object is reclaimed with attacker-controlled heap data, corrupting memory in an attempt to hijack control flow within the browser process. …
Remediation Vendor-released patch: update Google Chrome to 150.0.7871.47 or later via the Chrome Releases Stable channel update (https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Verify Chrome auto-update is enabled organization-wide and alert users to manual update if needed. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Important
Product Status
SUSE Package Hub 15 SP7 Fixed
openSUSE Tumbleweed Fixed
SUSE Package Hub 15 SP7 Affected

Share

EUVD-2026-40715 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy