Skip to main content

Google Chrome EUVDEUVD-2026-42448

| CVE-2026-15119 HIGH
Race Condition (CWE-362)
2026-07-08 chrome-cve-admin@google.com GHSA-q66r-h3m9-74hh
8.3
CVSS 3.1 · Vendor: google
Share

Severity by source

Vendor (google) PRIMARY
8.3 HIGH
AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
vuln.today AI
8.3 HIGH

Race condition makes reliable exploitation hard (AC:H) and requires visiting a page (UI:R); sandbox escape crosses a trust boundary (S:C) with full host impact; PR:N reflects web-delivery stage though a prior renderer compromise is needed in practice.

3.1 AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
4.0 AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Primary rating from Vendor (google).

CVSS VectorVendor: google

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
Jul 09, 2026 - 11:45 vuln.today
CVSS changed
Jul 09, 2026 - 11:22 NVD
8.3 (HIGH)
CVE Published
Jul 08, 2026 - 23:16 cve.org
UNKNOWN (no severity yet)
CVE Published
Jul 08, 2026 - 23:16 cve.org
HIGH 8.3

DescriptionCVE.org

Race in GetUserMedia in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

AnalysisAI

Sandbox escape in Google Chrome's GetUserMedia (WebRTC media capture) implementation allows an attacker who has already compromised the renderer process to break out of the browser sandbox by exploiting a race condition via a crafted HTML page, affecting all desktop Chrome builds prior to 150.0.7871.115. Rated High by Chromium and scored CVSS 8.3, this is a second-stage exploitation primitive typically chained after an initial renderer RCE; no public exploit identified at time of analysis and it is not listed in CISA KEV. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Lure victim to crafted page
Delivery
Compromise renderer via prior bug
Exploit
Drive GetUserMedia race operations
Execution
Win TOCTOU timing window
Persist
Corrupt browser-process state
Impact
Escape sandbox with browser privileges

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to have ALREADY compromised the Chrome renderer process (a first-stage renderer RCE is a hard prerequisite - this bug alone does not grant initial access), plus victim user interaction (UI:R) to load a crafted HTML page that exercises the GetUserMedia code path. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The official CVSS 3.1 vector (AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H = 8.3) reflects high impact and scope change, but several signals temper real-world urgency. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker first achieves code execution in the Chrome renderer (for example via a separate exploited web bug) when a victim visits an attacker-controlled page, then serves crafted HTML/JS that repeatedly drives GetUserMedia operations to trigger the race. By winning the timing window, the renderer manipulates shared media state to corrupt the more-privileged browser process and escape the sandbox, gaining code execution at browser-process privilege on the host. …
Remediation Vendor-released patch: update Google Chrome to 150.0.7871.115 or later via the Stable channel, then fully relaunch the browser so the new binary loads (Chrome staged updates do not take effect until restart). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

24 hours: Inventory Chrome deployments and version distribution across endpoints. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-42448 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy