Chrome
Monthly
Remote code execution in Google Chrome versions prior to 149.0.7827.53 is possible through a use-after-free flaw in the WebRTC component, allowing a remote attacker to execute arbitrary code within the renderer sandbox when a victim visits a crafted HTML page. The issue carries a CVSS 3.1 score of 8.8 (High) and a vendor patch is available, though there is no public exploit identified at time of analysis and the flaw is rated Medium severity by Chromium's own security team.
Sandbox escape in Google Chrome's Autofill component prior to version 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. The flaw is a use-after-free (CWE-416) requiring user interaction (UI:R) and a chained renderer compromise, and no public exploit has been identified at time of analysis despite the very high 9.6 CVSS score driven by scope change.
UI spoofing in Google Chrome's Payments subsystem (versions prior to 149.0.7827.53) allows a remote unauthenticated attacker to manipulate what the victim sees during a payment flow, achieving high-integrity impact by deceiving users into authorizing fraudulent transactions or submitting payment credentials to attacker-controlled surfaces. The attack requires the victim to visit a crafted HTML page and perform specific UI gestures, as confirmed by the CVSS UI:R designation. No public exploit code has been identified at time of analysis, and the EPSS score of 0.03% at the 11th percentile indicates minimal current exploitation activity despite the network-reachable attack vector.
Remote code execution in Google Chrome on Linux prior to 149.0.7827.53 allows attackers to execute arbitrary code within the renderer sandbox by luring a user to a malicious web page that triggers a use-after-free condition in the Fonts component. The flaw carries a CVSS 3.1 base score of 8.8 (High) and no public exploit identified at time of analysis, though Chromium memory-corruption issues historically attract rapid POC development. Exploitation requires user interaction (visiting attacker-controlled content) but no authentication.
Integer overflow in Chrome's ANGLE graphics layer on Windows enables process memory disclosure for attackers who have already compromised the renderer process. Affected versions are all Google Chrome releases prior to 149.0.7827.53 on Windows. An attacker who has first achieved renderer compromise can trigger the ANGLE integer overflow via a crafted HTML page to read potentially sensitive data from process memory - functioning as a second-stage information leak within a chained exploit. No public exploit identified at time of analysis, and EPSS at 0.03% (11th percentile) reflects low observed exploitation probability.
Out-of-bounds memory read in Chrome's Media component allows a local-network-adjacent attacker to leak partial memory contents via specially crafted network traffic. Affects all Chrome releases prior to 149.0.7827.53 on desktop platforms, as confirmed by Google's stable channel advisory. No public exploit code exists and no active exploitation has been identified; SSVC assessment rates technical impact as partial with exploitation status none, placing this in a lower-priority remediation tier despite the unauthenticated vector.
Insufficient policy enforcement in Google Chrome's Extensions subsystem prior to version 149.0.7827.53 allows a crafted extension to bypass discretionary access controls (DAC), producing high-integrity impact with no confidentiality or availability consequence. Exploitation requires an attacker to socially engineer a user into installing a malicious extension, after which the extension subverts Chrome's permission boundary enforcement. No public exploit code has been identified and this CVE is not listed in the CISA KEV catalog; EPSS is extremely low at 0.01% (1st percentile), consistent with no observed mass exploitation.
Same Origin Policy bypass in Google Chrome's Workers implementation (versions prior to 149.0.7827.53) allows an unauthenticated remote attacker to violate cross-origin integrity boundaries by luring a victim to a crafted HTML page. The CVSS vector confirms no privileges are required but user interaction is necessary, yielding a High integrity impact with no confidentiality or availability consequence. No public exploit has been identified and EPSS stands at 0.02% (4th percentile), indicating no confirmed active exploitation at time of analysis.
Heap corruption in Google Chrome's TabStrip component before 149.0.7827.53 lets a remote attacker who can lure a user into specific UI interactions on a malicious HTML page trigger memory corruption with high impact to confidentiality, integrity, and availability. The flaw carries a CVSS 8.8 due to network reachability and lack of authentication, though user interaction is required; there is no public exploit identified at time of analysis and EPSS is very low at 0.03%.
Uninitialized memory read in Chrome's ANGLE graphics layer exposes process memory contents to remote attackers who can trick users into visiting a crafted HTML page. Affected are all Chrome releases prior to 149.0.7827.53 on desktop platforms, as confirmed by the Google Chrome Releases advisory. No public exploit identified at time of analysis, and the EPSS score of 0.03% (11th percentile) indicates low current exploitation probability; however, the CVSS confidentiality impact is rated High, meaning successful exploitation could yield sensitive in-process data such as credentials, tokens, or cryptographic material resident in memory.
Heap-based buffer overflow in the Skia graphics rendering library within Google Chrome versions prior to 149.0.7827.53 enables remote attackers to read sensitive data from renderer process memory. Exploitation requires no authentication (PR:N) but does require user interaction - a victim must visit a specially crafted HTML page - and yields high confidentiality impact (C:H) with no integrity or availability impact per the CVSS vector. No public exploit has been identified at time of analysis, and the EPSS score of 0.03% (10th percentile) indicates very low current exploitation probability; CISA KEV active exploitation status is not confirmed.
Memory disclosure in Google Chrome's Animation component (all versions prior to 149.0.7827.53) enables an unauthenticated remote attacker to read potentially sensitive data from the browser's process memory by directing a victim to a crafted HTML page. The flaw arises from insufficient data validation during animation processing - a class of bug that typically permits out-of-bounds or uninitialized memory reads rather than code execution. No public exploit code has been identified at time of analysis, and the EPSS score of 0.03% (11th percentile) confirms low current exploitation probability despite the CVSS confidentiality impact being rated High.
Remote code execution in Google Chrome's V8 JavaScript engine prior to version 149.0.7827.53 allows remote attackers to execute arbitrary code inside the renderer sandbox by serving a crafted HTML page and convincing a user to perform specific UI gestures. The flaw is a use-after-free (CWE-416) memory corruption issue with a high CVSS score of 8.8, rated Medium severity by Chromium; no public exploit identified at time of analysis.
Sandbox escape in Google Chrome's Glic component prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. The flaw is a use-after-free memory corruption issue (CWE-416) requiring user interaction and a chained renderer compromise; no public exploit identified at time of analysis and EPSS exploitation probability is very low at 0.03%.
Heap corruption in Google Chrome's V8 JavaScript engine prior to version 149.0.7827.53 allows remote attackers to potentially achieve code execution when a user visits a crafted HTML page and performs specific UI interactions. The flaw is rated High severity by Chromium and CVSS 8.8, though no public exploit identified at time of analysis and EPSS scoring places near-term mass exploitation probability at 0.03%. A vendor patch is already available through the Stable Channel update.
Sandbox escape in Google Chrome prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a use-after-free in the Views component, triggered by a crafted HTML page. Google rates the Chromium security severity as High and a vendor patch is available, though no public exploit has been identified at time of analysis and EPSS exploitation probability is currently very low (0.03%).
Remote code execution in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker to execute arbitrary code within the renderer sandbox by serving a crafted HTML page that triggers an integer overflow in the V8 JavaScript engine. The flaw is rated High severity by Chromium and carries a CVSS 8.8 score requiring user interaction (visiting a malicious page). At time of analysis, no public exploit identified at time of analysis and the issue is not listed in CISA KEV, though Chrome V8 bugs are historically attractive targets for exploit developers.
Remote code execution in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker to execute arbitrary code within the renderer sandbox by delivering a malicious media file. The flaw is rated High severity by Chromium and carries a CVSS 3.1 score of 8.8, requiring only that a user visit attacker-controlled content or open a crafted media resource. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.
Cross-origin data leakage in Google Chrome's Skia graphics library prior to version 149.0.7827.53 enables unauthenticated remote attackers to read out-of-bounds memory and exfiltrate data from foreign origins via a crafted HTML page. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) confirms high confidentiality impact with no privileges required, though a victim must visit an attacker-controlled page to trigger the read. No public exploit code has been identified at time of analysis, and the EPSS score of 0.03% (11th percentile) suggests limited exploitation activity; however, same-origin policy bypass in a mainstream browser is a meaningful web security concern warranting prompt patching.
UI spoofing in Google Chrome's Accessibility component on Android prior to 149.0.7827.53 enables remote attackers to misrepresent interface elements via a crafted HTML page. Per the CVSS vector (PR:N/UI:R), unauthenticated remote attackers can achieve this through user-visited pages, with limited integrity and availability impact (I:L/A:L) and no confidentiality breach. EPSS at 0.03% (11th percentile) indicates very low exploitation probability, no public exploit exists, and this vulnerability is not listed in the CISA KEV catalog.
Sandbox escape in Google Chrome's Dawn component (versions prior to 149.0.7827.53) allows remote attackers to break out of the renderer sandbox via a crafted HTML page when a user visits a malicious site. Google Chromium rates the severity as High and a fix has shipped in the stable channel; no public exploit identified at time of analysis and EPSS exploitation probability is currently very low (0.05%).
Remote code execution in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker to execute arbitrary code within the renderer sandbox by enticing a user to visit a crafted HTML page that triggers a use-after-free in the WebXR component. Google rates the issue High severity and CVSS scores it 8.8, with user interaction required but no authentication or privileges needed; no public exploit identified at time of analysis.
Cross-origin data leakage in Google Chrome's Codecs subsystem affects all versions prior to 149.0.7827.53, enabling an attacker who has already compromised the renderer process to exfiltrate sensitive data from other origins via a crafted video file. The vulnerability bypasses Same-Origin Policy protections and exposes high-confidentiality content (CVSS C:H), though impact is scoped to information disclosure with no integrity or availability consequence. This CVE is not currently listed in CISA KEV, no public exploit has been identified at time of analysis, and EPSS at 0.05% (15th percentile) indicates low widespread exploitation probability.
Same-origin policy bypass in Google Chrome's DevTools component (all versions prior to 149.0.7827.53) allows a remote attacker who has already compromised the renderer process to bypass SOP protections via a crafted HTML page, resulting in a high-integrity impact with no confidentiality or availability loss. The attack requires user interaction (victim must visit a malicious page) and a prior renderer process compromise as a chained prerequisite, materially constraining real-world exploitability beyond the raw CVSS score implies. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog; EPSS probability stands at 0.02% (6th percentile), consistent with a low-probability exploitation scenario.
Out-of-bounds read in ANGLE (Chrome's graphics abstraction layer) affects all Google Chrome versions prior to 149.0.7827.53, enabling remote information disclosure from process memory. An unauthenticated remote attacker can trigger the memory leak by inducing a victim to visit a crafted HTML page - no privileges are required on the attacker's side, though user interaction is necessary. No public exploit identified at time of analysis and EPSS sits at 0.03% (11th percentile), indicating low current exploitation probability despite Google's 'High' Chromium severity rating.
Remote code execution in Google Chrome on Windows prior to version 149.0.7827.53 stems from a use-after-free flaw in the Chromoting (Chrome Remote Desktop) component. A remote attacker can deliver malicious network traffic that, combined with minimal user interaction, allows arbitrary code execution within the browser's renderer context. No public exploit identified at time of analysis, but Google rates the underlying Chromium severity as High.
Uninitialized memory use in Skia, Chrome's 2D graphics rendering engine, enables cross-origin data leakage in Google Chrome versions prior to 149.0.7827.53. Exploitation requires an attacker to have already compromised the renderer process and to deliver a crafted HTML page, making this a second-stage component in a multi-step attack chain rather than a standalone critical exploit. EPSS stands at 0.03% (11th percentile) and no active exploitation has been recorded in CISA KEV, aligning with its role as a chained, post-renderer-compromise primitive.
Information disclosure in Google Chrome versions prior to 149.0.7827.53 allows remote attackers to leak sensitive process memory through a crafted HTML page that triggers an uninitialized memory read in the Dawn WebGPU implementation. Google rates the underlying Chromium issue as High severity, and a patched stable channel build is available, though no public exploit has been identified at time of analysis and EPSS exploitation probability remains very low at 0.03%.
Remote code execution in Google Chrome versions prior to 149.0.7827.53 stems from a use-after-free flaw in the WebRTC component, enabling a remote attacker to execute arbitrary code inside the renderer sandbox by luring a victim to a crafted HTML page. The issue is rated High severity by Chromium and carries a CVSS 3.1 score of 8.8 (AV:N/AC:L/PR:N/UI:R), reflecting low complexity and no privilege requirement but requiring user interaction. No public exploit identified at time of analysis, and the CVE is not listed in CISA KEV.
Sandbox escape in Google Chrome's ANGLE graphics layer prior to version 149.0.7827.53 allows a remote attacker to break out of the renderer sandbox via a crafted HTML page when a victim visits a malicious site. The flaw is rated CVSS 9.6 due to scope change (S:C) and full CIA impact, though EPSS estimates only a 0.05% near-term exploitation probability and no public exploit has been identified at time of analysis.
Cross-origin data leakage in Google Chrome's Dawn WebGPU implementation prior to version 149.0.7827.53 allows a remote attacker to read sensitive data from other origins by luring a user to a crafted HTML page. Chromium rates this High severity and a vendor patch is available, though no public exploit has been identified at time of analysis and EPSS places exploitation probability at 1.64% (82nd percentile).
Sandbox escape in Google Chrome on Linux prior to 149.0.7827.53 allows a remote attacker to break out of the renderer process by luring a user to a crafted HTML page that triggers a use-after-free in the Ozone display/windowing layer. Google rates the underlying Chromium issue as High severity and a vendor patch is available; no public exploit identified at time of analysis and the EPSS score is very low (0.03%).
Sandbox escape in Google Chrome on Windows prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page abusing the Printing component. Chromium rates the issue High severity and a vendor patch is available, though no public exploit has been identified at time of analysis and EPSS remains very low at 0.05%.
Sandbox escape in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page abusing the InterestGroups component. Google rates the Chromium severity as High, and CVSS scores it 8.3 with a changed scope reflecting the cross-boundary impact. No public exploit identified at time of analysis, though a vendor patch is available.
Privilege escalation in Google Chrome's Extensions component prior to version 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to escape sandbox restrictions via a crafted HTML page. Chromium rates the issue High severity; no public exploit has been identified at time of analysis and SSVC reports exploitation status as none, though the technical impact is total if chained successfully.
Cross-origin data disclosure in Google Chrome on Windows prior to 149.0.7827.53 allows remote attackers who have already compromised the renderer process to leak data from other origins via a crafted HTML page in the Dawn (WebGPU) component. Google rates the underlying issue High severity, but no public exploit identified at time of analysis and EPSS exploitation probability is very low at 0.05%.
Sandbox escape in Google Chrome on Android prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the Chrome sandbox via a crafted HTML page that triggers a use-after-free in the SurfaceCapture component. The flaw is rated High severity by Chromium and carries a CVSS 3.1 score of 8.3 with scope change, reflecting that successful exploitation crosses the renderer/browser security boundary. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Sandbox escape in Google Chrome versions prior to 149.0.7827.53 allows remote attackers to break out of the renderer process sandbox by delivering a crafted video file processed by the browser's codec implementation. The CVSS 9.6 score reflects a scope-changing impact across confidentiality, integrity, and availability, though exploitation requires user interaction such as visiting a malicious page. No public exploit identified at time of analysis, and EPSS exploitation probability remains low at 0.05%.
Remote code execution in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker to execute arbitrary code inside the renderer sandbox by enticing a victim to visit a crafted HTML page that triggers an integer overflow in DevTools. Google has rated this Chromium issue as High severity and a vendor patch is available; no public exploit identified at time of analysis, and the bug is not currently listed in CISA KEV.
Remote code execution in Google Chrome versions prior to 149.0.7827.53 stems from an integer overflow in the V8 JavaScript engine, enabling a remote attacker to execute arbitrary code within the renderer sandbox via a crafted HTML page. The flaw is rated High severity by Chromium with a CVSS score of 8.8, requires user interaction (visiting a malicious page), and no public exploit has been identified at time of analysis. While exploitation is sandboxed, V8 RCE bugs historically chain with sandbox escapes to achieve full host compromise, making this a priority patch for browser fleets.
Remote code execution in Google Chrome's V8 JavaScript engine prior to version 149.0.7827.53 allows a remote attacker to execute arbitrary code within the renderer sandbox by luring a victim to a crafted HTML page. Google has rated the issue High severity and shipped a stable-channel patch; no public exploit has been identified at time of analysis, and the bug tracker entry remains access-restricted per Chromium's standard disclosure practice.
Remote code execution in Google Chrome before 149.0.7827.53 allows a remote attacker to execute arbitrary code inside the renderer sandbox by luring a user to a crafted HTML page that triggers a type confusion in the Media component. The flaw carries a CVSS 8.8 (High) rating and requires user interaction (visiting a page), and while no public exploit has been identified at time of analysis, Chromium-rated High Media bugs have historically been chained with sandbox escapes for full compromise.
Sandbox escape in Google Chrome for iOS before 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page exploiting a use-after-free condition. The flaw is rated High severity by Chromium and has a CVSS score of 8.3, but no public exploit has been identified at time of analysis and it is not listed in CISA KEV. Successful exploitation typically requires chaining with a separate renderer-compromise primitive, raising the practical bar.
Sandbox escape in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page exploiting an uninitialized memory use in the Codecs component. Google has rated this Chromium security severity as High, and no public exploit has been identified at time of analysis. The flaw requires chaining with a separate renderer compromise, but combined with a renderer RCE it enables full host code execution outside Chrome's sandbox.
Sandboxed remote code execution in Google Chrome on Android prior to 149.0.7827.53 allows a remote attacker to execute arbitrary code inside the renderer sandbox by luring a user to a crafted HTML page. The flaw is a use-after-free in the Input component, rated High by Chromium and 8.8 by CVSS. No public exploit identified at time of analysis, but Chrome UAF bugs in renderer-reachable components are historically high-value targets for chained sandbox escapes.
Remote code execution in Google Chrome for iOS before 149.0.7827.53 allows a remote attacker to execute arbitrary code by enticing a user to visit a crafted HTML page and perform specific UI gestures, triggering a use-after-free condition. Google rates the underlying Chromium issue as High severity, and no public exploit has been identified at time of analysis. The flaw requires user interaction, which somewhat reduces but does not eliminate real-world risk given Chrome's massive install base on iOS.
Remote code execution in Google Chrome versions prior to 149.0.7827.53 stems from a use-after-free flaw in the Glic component, allowing a remote attacker to run arbitrary code within the renderer sandbox by luring a victim to a crafted HTML page. Google has rated the Chromium security severity as High, and a vendor patch is available, though no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.
Type confusion in the ANGLE graphics translation layer of Google Chrome on Windows prior to 149.0.7827.53 enables remote attackers to trigger out-of-bounds memory access through a crafted HTML page, with potential for memory corruption leading to code execution in the renderer process. Chromium rates this High severity and a vendor patch is available, though no public exploit is identified at time of analysis and EPSS exploitation probability is currently 0.03%.
Sandbox escape in Google Chrome on Android versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. The flaw stems from a use-after-free condition in the Core component and is rated High severity by Chromium with a CVSS of 8.3. No public exploit identified at time of analysis, though the bug enables a critical post-exploitation chain step when paired with a renderer RCE.
Heap corruption in Google Chrome for iOS prior to 149.0.7827.53 allows remote attackers to potentially execute arbitrary code by luring a user to a crafted HTML page that triggers a use-after-free condition. Google has rated this as High severity and a vendor patch is available, though no public exploit has been identified at time of analysis. The CVSS 8.8 score reflects network-reachable exploitation with low complexity but requires user interaction (visiting a malicious page).
Heap corruption in Google Chrome on iOS before version 149.0.7827.53 enables remote attackers to potentially execute arbitrary code by enticing a user to interact with a malicious HTML page that triggers a use-after-free in the Autofill component. Chromium rates the underlying flaw as High severity, and while a vendor patch is available, no public exploit has been identified at time of analysis and EPSS remains very low at 0.03%.
Cross-origin data leakage in Google Chrome on iOS (versions prior to 149.0.7827.53) stems from insufficient policy enforcement in the Autofill component, enabling a remote unauthenticated attacker to read sensitive cross-origin data by directing a victim to a crafted HTML page. The CVSS score of 6.5 (Medium) reflects high confidentiality impact with no integrity or availability loss; the attack requires user interaction but no attacker privileges. EPSS probability sits at 0.03% (11th percentile), SSVC reports no current exploitation, and the CVE is absent from CISA KEV, collectively indicating low real-world threat urgency despite the medium severity classification.
Cross-origin data exfiltration via Autofill in Google Chrome on iOS (prior to 149.0.7827.53) allows a remote attacker to leak sensitive data across origin boundaries by directing a victim to a crafted HTML page. The flaw stems from insufficient policy enforcement in the Autofill subsystem - a protection mechanism failure (CWE-693) that bypasses same-origin boundary controls exclusive to the iOS platform build of Chrome. No public exploit code has been identified at time of analysis, and the EPSS score of 0.03% (11th percentile) indicates very low observed exploitation probability. A vendor-released patch is available.
Local privilege escalation in Google Chrome on Windows prior to 149.0.7827.53 enables an attacker who can deliver a malicious file to a victim to elevate privileges via an inappropriate UI implementation. Google's Chromium team rated the severity as High and a stable channel patch has been released, but no public exploit has been identified at time of analysis and the issue is not currently listed in CISA KEV.
Sandbox escape in Google Chrome on Windows prior to 149.0.7827.53 enables a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page that triggers a race condition in the Codecs component. Chromium rates this High severity, and while no public exploit was identified at time of analysis, the bug fits the classic renderer-to-sandbox-escape pattern frequently chained in real-world Chrome exploit kits. CVSS is 8.3 reflecting high attack complexity, required user interaction, and a scope change.
Remote code execution in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker to run arbitrary code inside the renderer sandbox by luring a victim to a crafted HTML page that triggers a use-after-free in the WebRTC component. The flaw carries a CVSS 3.1 score of 8.8 (High) and Chromium rates the security severity as High; no public exploit has been identified at time of analysis and the issue is not currently listed in CISA KEV.
Site isolation bypass in Google Chrome prior to 149.0.7827.53 enables a remote attacker - who has already compromised the renderer process - to escape cross-origin protections via a crafted HTML page. The vulnerability stems from inappropriate handling of the Input component (CWE-20: Improper Input Validation) within Chromium's renderer, allowing crafted input to undermine the site isolation security boundary and produce high-integrity impact against cross-origin resources. No public exploit has been identified at time of analysis, and EPSS places exploitation probability at 0.02% (6th percentile), consistent with the renderer pre-compromise prerequisite that constrains standalone exploitation.
Same-origin policy bypass in Google Chrome's Passwords component prior to version 149.0.7827.53 allows remote attackers to access cross-origin resources via a crafted HTML page that a victim must visit. Rated High severity by Chromium with a CVSS of 8.1, the flaw enables exposure or modification of sensitive data across origin boundaries when a user is lured to attacker-controlled content. EPSS probability is very low (0.02%, 4th percentile) and no public exploit identified at time of analysis, but a vendor patch is available.
Remote code execution in Google Chrome's V8 JavaScript engine prior to version 149.0.7827.53 allows attackers to execute arbitrary code within the renderer sandbox by luring a user to a malicious web page. The flaw stems from a type confusion bug rated High severity by Chromium's security team, and while no public exploit has been identified at time of analysis, V8 type confusion bugs are historically high-value targets for browser exploitation chains. A vendor patch is available.
Remote code execution in Google Chrome V8 JavaScript engine prior to version 149.0.7827.53 allows a remote attacker to execute arbitrary code inside the renderer sandbox by serving a crafted HTML page to a victim. The flaw is a type confusion bug (CWE-843) in V8 rated High severity by Chromium, with no public exploit identified at time of analysis and SSVC indicating exploitation status 'none' from CISA's framework.
Sandbox escape in Google Chrome on Android prior to 149.0.7827.53 allows a remote attacker who already controls the renderer process to break out of the browser sandbox via a crafted HTML page that triggers a use-after-free in the Autofill component. Chromium rates the severity High and a vendor patch is available; no public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Sandbox escape in Google Chrome on Windows before 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out via a use-after-free in the Audio component when a victim loads a crafted HTML page. Chromium rates the issue High severity and Google has shipped a stable-channel fix, but no public exploit identified at time of analysis and the bug is not listed in CISA KEV.
Heap corruption in Google Chrome on Android before 149.0.7827.53 enables remote attackers to exploit a use-after-free condition in the browser's UI component through a malicious web page. The flaw carries a CVSS 8.8 (High) rating and requires user interaction (visiting a crafted page), with no public exploit identified at time of analysis. Google rates the underlying Chromium severity as High, and a vendor patch is available in the stable channel update.
Sandbox escape in Google Chrome's FileSystem component prior to version 149.0.7827.53 allows a remote attacker to break out of the renderer sandbox via a crafted HTML page that triggers a use-after-free condition. Successful exploitation requires the victim to interact with attacker-controlled web content, but yields a scope change from the constrained renderer process to higher-privileged host context. EPSS is currently low (0.03%) and no public exploit has been identified at time of analysis, though Google rates the underlying Chromium severity as High.
Out-of-bounds memory read in Google Chrome's ANGLE graphics layer on macOS versions prior to 149.0.7827.53 allows remote attackers to disclose memory contents or crash the renderer by enticing a user to visit a crafted HTML page. Google rates the underlying Chromium issue as High severity, and while no public exploit is identified at time of analysis, the EPSS score of 0.03% suggests low near-term mass exploitation likelihood. The flaw requires user interaction (visiting a page) but no authentication, making drive-by web attacks the realistic threat model.
Sandbox escape in Google Chrome on Android prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page that triggers a heap buffer overflow in ANGLE. Chromium rates the severity as High, and although no public exploit is identified at time of analysis, the CVSS 8.3 score with scope change reflects the cross-boundary impact when chained with a renderer RCE. This is a classic second-stage bug used in browser exploit chains rather than a standalone one-click compromise.
Remote code execution in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker to execute arbitrary code through a crafted HTML page that triggers script injection in the Headless component. The flaw is rated High severity by Chromium and carries a CVSS 3.1 base score of 8.8, requiring only that a victim load attacker-controlled web content. No public exploit identified at time of analysis, but Google has released a fix in the Stable channel update for desktop.
Sandbox escape in Google Chrome versions prior to 149.0.7827.53 can be achieved by remote attackers who have already compromised the renderer process, leveraging an out-of-bounds read in the Dawn WebGPU implementation via a crafted HTML page. Google rates this as High severity and a vendor patch is available, though no public exploit has been identified at time of analysis. The bug is part of a multi-stage exploitation chain rather than a single-step RCE, but successful chaining yields full escape from Chrome's renderer sandbox.
Remote code execution in Google Chrome versions prior to 149.0.7827.53 allows an attacker on the same local network segment (adjacent network) to execute arbitrary code by sending malicious traffic to the browser's Cast component. The flaw stems from a use-after-free memory corruption issue in the Cast feature (used for media streaming to devices like Chromecast) and is rated High severity by Chromium with a CVSS score of 8.8. No public exploit identified at time of analysis, though a vendor patch has been released.
Sandbox escape in Google Chrome on macOS prior to 149.0.7827.53 lets a remote attacker who has already compromised the renderer process break out of the Chromium sandbox via a crafted HTML page that triggers an out-of-bounds write in Skia. Google rates the underlying Chromium issue High severity and a vendor patch is available, though no public exploit code has been identified at time of analysis.
Sandbox escape in Google Chrome's Chromecast component prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. Rated High severity by the Chromium project with a CVSS of 8.3, the flaw requires a prior renderer compromise and user interaction, and no public exploit identified at time of analysis. Successful exploitation gives attackers code execution outside the renderer's restricted context, dramatically expanding impact on the host.
Arbitrary code execution in Google Chrome for Android prior to 149.0.7827.53 stems from a use-after-free flaw in the WebAppInstalls component, triggered when a victim opens a malicious file. Although the CVSS vector lists a network attack vector with high impact across confidentiality, integrity, and availability, exploitation requires user interaction and no public exploit identified at time of analysis. EPSS probability is very low (0.01%) and SSVC indicates no observed exploitation, suggesting the immediate threat is limited despite the High severity rating from Chromium.
Same-origin policy bypass in Google Chrome's DevTools component prior to version 149.0.7827.53 allows remote attackers to violate browser security boundaries when victims perform specific UI gestures on attacker-controlled pages. The flaw stems from insufficient validation of untrusted input within DevTools and is rated High severity by Chromium with a CVSS of 8.8, though no public exploit identified at time of analysis and EPSS is very low at 0.02%.
Sandbox escape in Google Chrome versions prior to 149.0.7827.53 is possible via an integer overflow in the Dawn WebGPU implementation, allowing a remote attacker who has already compromised the renderer process to break out of the browser sandbox using a crafted HTML page. Google rates the Chromium severity as High and a vendor patch is available; no public exploit identified at time of analysis and the issue is not currently listed in CISA KEV.
Sandbox escape in Google Chrome on macOS prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page abusing the WebShare component. The bug is rated High severity by Chromium and carries a CVSS 8.3 with scope change reflecting the sandbox boundary crossing, though no public exploit has been identified at time of analysis.
Sandbox escape in Google Chrome's ANGLE graphics layer (versions prior to 149.0.7827.53) allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. The flaw is a use-after-free (CWE-416) rated High severity by Chromium and CVSS 8.3, and while no public exploit is identified at time of analysis, sandbox escapes in ANGLE have historically been chained with renderer RCE bugs to achieve full system compromise.
Sandbox escape in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a use-after-free flaw in the Viz compositor component. Exploitation requires a crafted HTML page and victim interaction, and Google has rated the underlying Chromium security severity as High. No public exploit has been identified at time of analysis, but this class of bug is historically chained with renderer RCE bugs to achieve full browser compromise.
Sandbox escape in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page exploiting insufficient input validation in the Media component. Google rates the Chromium security severity as High, and no public exploit has been identified at time of analysis. Successful exploitation requires chaining with a separate renderer compromise plus user interaction, raising attack complexity but yielding full host-level impact if achieved.
Universal Cross-Site Scripting (UXSS) in Google Chrome's DevTools component allows an attacker who has already compromised the renderer process to inject arbitrary scripts or HTML across security origins via a crafted HTML page, bypassing the same-origin policy. Affected versions are all Chrome releases prior to 149.0.7827.53. No public exploit code exists and no active exploitation has been observed; this vulnerability functions as a second-stage capability within a broader attack chain requiring prior renderer compromise.
Sandbox escape in Google Chrome on iOS prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. The flaw is a use-after-free in the Core component rated High severity by Chromium, and no public exploit identified at time of analysis. Exploitation requires user interaction (visiting a malicious page) and chaining with a prior renderer compromise, raising the practical bar despite the 8.3 CVSS score.
Remote code execution in Google Chrome's ANGLE graphics layer on Windows prior to version 149.0.7827.53 allows attackers to execute arbitrary code inside the renderer sandbox when a victim visits a crafted HTML page. The flaw is a use-after-free (CWE-416) memory corruption issue rated High severity by Chromium, requires user interaction to trigger, and no public exploit has been identified at time of analysis.
Remote code execution in Google Chrome on Windows (versions prior to 149.0.7827.53) is possible through a use-after-free vulnerability in the ANGLE graphics translation layer, triggered when a victim visits a crafted HTML page. Successful exploitation yields arbitrary code execution constrained to the Chrome renderer sandbox, with Chromium rating the severity as High and CVSS scored at 8.8. There is no public exploit identified at time of analysis and CISA SSVC marks exploitation status as none, but the bug class (UAF in GPU translation) is historically a popular target for chained sandbox escapes.
Same-origin policy bypass in Google Chrome's Extensions component prior to version 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to perform unauthorized cross-origin actions via a crafted HTML page. The vulnerability stems from insufficient input validation (CWE-20) in the Extensions subsystem and carries a CVSS integrity impact of High with no confidentiality or availability loss. No active exploitation has been confirmed - EPSS sits at 0.02% (6th percentile), SSVC exploitation status is 'none', and the CVE is not listed in CISA KEV - but a vendor-released patch is available.
Sandbox escape in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page abusing the Media component. Google rates the issue High severity and a vendor patch is available, though no public exploit has been identified at time of analysis.
Remote code execution in Google Chrome's V8 JavaScript engine prior to version 149.0.7827.53 allows a remote attacker to execute arbitrary code inside the renderer sandbox via a crafted HTML page. The flaw is a type confusion bug (CWE-843) rated High severity by Chromium with a CVSS 8.8 score; no public exploit identified at time of analysis and the vulnerability is not currently listed in CISA KEV. User interaction is required, as the victim must visit attacker-controlled or compromised content.
Sandbox escape in Google Chrome versions prior to 149.0.7827.53 enables a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a use-after-free flaw in the Dawn WebGPU implementation. Exploitation requires luring a victim to a crafted HTML page and chaining this bug with a prior renderer compromise, but the impact is full sandbox escape with high confidentiality, integrity, and availability consequences. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.
Out-of-bounds write in the ANGLE graphics layer of Google Chrome versions prior to 149.0.7827.53 enables remote attackers to trigger heap corruption and potentially execute arbitrary code by luring a victim to a crafted HTML page. Chromium rates the severity as High and CVSS 8.8 reflects the network attack vector with required user interaction. No public exploit identified at time of analysis, though the bug class (memory corruption in a browser-exposed component) is historically a prime target for weaponization.
Heap corruption in Google Chrome's WebAuthentication component prior to version 149.0.7827.53 allows remote attackers to potentially execute arbitrary code through a crafted HTML page combined with user interaction. The flaw is a use-after-free (CWE-416) rated High severity by Chromium and carries a CVSS 7.5 score, though exploitation requires specific UI gestures from the victim. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.
Sandbox escape in Google Chrome prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a use-after-free in the Network component, triggered by a crafted HTML page. Chromium rates the severity as High and a vendor patch is available; no public exploit identified at time of analysis.
Remote code execution in Google Chrome's V8 JavaScript engine prior to version 149.0.7827.53 allows a remote attacker to execute arbitrary code within the browser sandbox by luring a user to a crafted HTML page. Rated High severity by Chromium with a CVSS 8.8, the flaw requires user interaction (visiting a malicious site) but no authentication or privileges. No public exploit has been identified at the time of analysis, and the issue is not currently listed in CISA KEV.
Remote code execution in Google Chrome versions prior to 149.0.7827.53 is possible through a use-after-free flaw in the WebRTC component, allowing a remote attacker to execute arbitrary code within the renderer sandbox when a victim visits a crafted HTML page. The issue carries a CVSS 3.1 score of 8.8 (High) and a vendor patch is available, though there is no public exploit identified at time of analysis and the flaw is rated Medium severity by Chromium's own security team.
Sandbox escape in Google Chrome's Autofill component prior to version 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. The flaw is a use-after-free (CWE-416) requiring user interaction (UI:R) and a chained renderer compromise, and no public exploit has been identified at time of analysis despite the very high 9.6 CVSS score driven by scope change.
UI spoofing in Google Chrome's Payments subsystem (versions prior to 149.0.7827.53) allows a remote unauthenticated attacker to manipulate what the victim sees during a payment flow, achieving high-integrity impact by deceiving users into authorizing fraudulent transactions or submitting payment credentials to attacker-controlled surfaces. The attack requires the victim to visit a crafted HTML page and perform specific UI gestures, as confirmed by the CVSS UI:R designation. No public exploit code has been identified at time of analysis, and the EPSS score of 0.03% at the 11th percentile indicates minimal current exploitation activity despite the network-reachable attack vector.
Remote code execution in Google Chrome on Linux prior to 149.0.7827.53 allows attackers to execute arbitrary code within the renderer sandbox by luring a user to a malicious web page that triggers a use-after-free condition in the Fonts component. The flaw carries a CVSS 3.1 base score of 8.8 (High) and no public exploit identified at time of analysis, though Chromium memory-corruption issues historically attract rapid POC development. Exploitation requires user interaction (visiting attacker-controlled content) but no authentication.
Integer overflow in Chrome's ANGLE graphics layer on Windows enables process memory disclosure for attackers who have already compromised the renderer process. Affected versions are all Google Chrome releases prior to 149.0.7827.53 on Windows. An attacker who has first achieved renderer compromise can trigger the ANGLE integer overflow via a crafted HTML page to read potentially sensitive data from process memory - functioning as a second-stage information leak within a chained exploit. No public exploit identified at time of analysis, and EPSS at 0.03% (11th percentile) reflects low observed exploitation probability.
Out-of-bounds memory read in Chrome's Media component allows a local-network-adjacent attacker to leak partial memory contents via specially crafted network traffic. Affects all Chrome releases prior to 149.0.7827.53 on desktop platforms, as confirmed by Google's stable channel advisory. No public exploit code exists and no active exploitation has been identified; SSVC assessment rates technical impact as partial with exploitation status none, placing this in a lower-priority remediation tier despite the unauthenticated vector.
Insufficient policy enforcement in Google Chrome's Extensions subsystem prior to version 149.0.7827.53 allows a crafted extension to bypass discretionary access controls (DAC), producing high-integrity impact with no confidentiality or availability consequence. Exploitation requires an attacker to socially engineer a user into installing a malicious extension, after which the extension subverts Chrome's permission boundary enforcement. No public exploit code has been identified and this CVE is not listed in the CISA KEV catalog; EPSS is extremely low at 0.01% (1st percentile), consistent with no observed mass exploitation.
Same Origin Policy bypass in Google Chrome's Workers implementation (versions prior to 149.0.7827.53) allows an unauthenticated remote attacker to violate cross-origin integrity boundaries by luring a victim to a crafted HTML page. The CVSS vector confirms no privileges are required but user interaction is necessary, yielding a High integrity impact with no confidentiality or availability consequence. No public exploit has been identified and EPSS stands at 0.02% (4th percentile), indicating no confirmed active exploitation at time of analysis.
Heap corruption in Google Chrome's TabStrip component before 149.0.7827.53 lets a remote attacker who can lure a user into specific UI interactions on a malicious HTML page trigger memory corruption with high impact to confidentiality, integrity, and availability. The flaw carries a CVSS 8.8 due to network reachability and lack of authentication, though user interaction is required; there is no public exploit identified at time of analysis and EPSS is very low at 0.03%.
Uninitialized memory read in Chrome's ANGLE graphics layer exposes process memory contents to remote attackers who can trick users into visiting a crafted HTML page. Affected are all Chrome releases prior to 149.0.7827.53 on desktop platforms, as confirmed by the Google Chrome Releases advisory. No public exploit identified at time of analysis, and the EPSS score of 0.03% (11th percentile) indicates low current exploitation probability; however, the CVSS confidentiality impact is rated High, meaning successful exploitation could yield sensitive in-process data such as credentials, tokens, or cryptographic material resident in memory.
Heap-based buffer overflow in the Skia graphics rendering library within Google Chrome versions prior to 149.0.7827.53 enables remote attackers to read sensitive data from renderer process memory. Exploitation requires no authentication (PR:N) but does require user interaction - a victim must visit a specially crafted HTML page - and yields high confidentiality impact (C:H) with no integrity or availability impact per the CVSS vector. No public exploit has been identified at time of analysis, and the EPSS score of 0.03% (10th percentile) indicates very low current exploitation probability; CISA KEV active exploitation status is not confirmed.
Memory disclosure in Google Chrome's Animation component (all versions prior to 149.0.7827.53) enables an unauthenticated remote attacker to read potentially sensitive data from the browser's process memory by directing a victim to a crafted HTML page. The flaw arises from insufficient data validation during animation processing - a class of bug that typically permits out-of-bounds or uninitialized memory reads rather than code execution. No public exploit code has been identified at time of analysis, and the EPSS score of 0.03% (11th percentile) confirms low current exploitation probability despite the CVSS confidentiality impact being rated High.
Remote code execution in Google Chrome's V8 JavaScript engine prior to version 149.0.7827.53 allows remote attackers to execute arbitrary code inside the renderer sandbox by serving a crafted HTML page and convincing a user to perform specific UI gestures. The flaw is a use-after-free (CWE-416) memory corruption issue with a high CVSS score of 8.8, rated Medium severity by Chromium; no public exploit identified at time of analysis.
Sandbox escape in Google Chrome's Glic component prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. The flaw is a use-after-free memory corruption issue (CWE-416) requiring user interaction and a chained renderer compromise; no public exploit identified at time of analysis and EPSS exploitation probability is very low at 0.03%.
Heap corruption in Google Chrome's V8 JavaScript engine prior to version 149.0.7827.53 allows remote attackers to potentially achieve code execution when a user visits a crafted HTML page and performs specific UI interactions. The flaw is rated High severity by Chromium and CVSS 8.8, though no public exploit identified at time of analysis and EPSS scoring places near-term mass exploitation probability at 0.03%. A vendor patch is already available through the Stable Channel update.
Sandbox escape in Google Chrome prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a use-after-free in the Views component, triggered by a crafted HTML page. Google rates the Chromium security severity as High and a vendor patch is available, though no public exploit has been identified at time of analysis and EPSS exploitation probability is currently very low (0.03%).
Remote code execution in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker to execute arbitrary code within the renderer sandbox by serving a crafted HTML page that triggers an integer overflow in the V8 JavaScript engine. The flaw is rated High severity by Chromium and carries a CVSS 8.8 score requiring user interaction (visiting a malicious page). At time of analysis, no public exploit identified at time of analysis and the issue is not listed in CISA KEV, though Chrome V8 bugs are historically attractive targets for exploit developers.
Remote code execution in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker to execute arbitrary code within the renderer sandbox by delivering a malicious media file. The flaw is rated High severity by Chromium and carries a CVSS 3.1 score of 8.8, requiring only that a user visit attacker-controlled content or open a crafted media resource. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.
Cross-origin data leakage in Google Chrome's Skia graphics library prior to version 149.0.7827.53 enables unauthenticated remote attackers to read out-of-bounds memory and exfiltrate data from foreign origins via a crafted HTML page. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) confirms high confidentiality impact with no privileges required, though a victim must visit an attacker-controlled page to trigger the read. No public exploit code has been identified at time of analysis, and the EPSS score of 0.03% (11th percentile) suggests limited exploitation activity; however, same-origin policy bypass in a mainstream browser is a meaningful web security concern warranting prompt patching.
UI spoofing in Google Chrome's Accessibility component on Android prior to 149.0.7827.53 enables remote attackers to misrepresent interface elements via a crafted HTML page. Per the CVSS vector (PR:N/UI:R), unauthenticated remote attackers can achieve this through user-visited pages, with limited integrity and availability impact (I:L/A:L) and no confidentiality breach. EPSS at 0.03% (11th percentile) indicates very low exploitation probability, no public exploit exists, and this vulnerability is not listed in the CISA KEV catalog.
Sandbox escape in Google Chrome's Dawn component (versions prior to 149.0.7827.53) allows remote attackers to break out of the renderer sandbox via a crafted HTML page when a user visits a malicious site. Google Chromium rates the severity as High and a fix has shipped in the stable channel; no public exploit identified at time of analysis and EPSS exploitation probability is currently very low (0.05%).
Remote code execution in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker to execute arbitrary code within the renderer sandbox by enticing a user to visit a crafted HTML page that triggers a use-after-free in the WebXR component. Google rates the issue High severity and CVSS scores it 8.8, with user interaction required but no authentication or privileges needed; no public exploit identified at time of analysis.
Cross-origin data leakage in Google Chrome's Codecs subsystem affects all versions prior to 149.0.7827.53, enabling an attacker who has already compromised the renderer process to exfiltrate sensitive data from other origins via a crafted video file. The vulnerability bypasses Same-Origin Policy protections and exposes high-confidentiality content (CVSS C:H), though impact is scoped to information disclosure with no integrity or availability consequence. This CVE is not currently listed in CISA KEV, no public exploit has been identified at time of analysis, and EPSS at 0.05% (15th percentile) indicates low widespread exploitation probability.
Same-origin policy bypass in Google Chrome's DevTools component (all versions prior to 149.0.7827.53) allows a remote attacker who has already compromised the renderer process to bypass SOP protections via a crafted HTML page, resulting in a high-integrity impact with no confidentiality or availability loss. The attack requires user interaction (victim must visit a malicious page) and a prior renderer process compromise as a chained prerequisite, materially constraining real-world exploitability beyond the raw CVSS score implies. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog; EPSS probability stands at 0.02% (6th percentile), consistent with a low-probability exploitation scenario.
Out-of-bounds read in ANGLE (Chrome's graphics abstraction layer) affects all Google Chrome versions prior to 149.0.7827.53, enabling remote information disclosure from process memory. An unauthenticated remote attacker can trigger the memory leak by inducing a victim to visit a crafted HTML page - no privileges are required on the attacker's side, though user interaction is necessary. No public exploit identified at time of analysis and EPSS sits at 0.03% (11th percentile), indicating low current exploitation probability despite Google's 'High' Chromium severity rating.
Remote code execution in Google Chrome on Windows prior to version 149.0.7827.53 stems from a use-after-free flaw in the Chromoting (Chrome Remote Desktop) component. A remote attacker can deliver malicious network traffic that, combined with minimal user interaction, allows arbitrary code execution within the browser's renderer context. No public exploit identified at time of analysis, but Google rates the underlying Chromium severity as High.
Uninitialized memory use in Skia, Chrome's 2D graphics rendering engine, enables cross-origin data leakage in Google Chrome versions prior to 149.0.7827.53. Exploitation requires an attacker to have already compromised the renderer process and to deliver a crafted HTML page, making this a second-stage component in a multi-step attack chain rather than a standalone critical exploit. EPSS stands at 0.03% (11th percentile) and no active exploitation has been recorded in CISA KEV, aligning with its role as a chained, post-renderer-compromise primitive.
Information disclosure in Google Chrome versions prior to 149.0.7827.53 allows remote attackers to leak sensitive process memory through a crafted HTML page that triggers an uninitialized memory read in the Dawn WebGPU implementation. Google rates the underlying Chromium issue as High severity, and a patched stable channel build is available, though no public exploit has been identified at time of analysis and EPSS exploitation probability remains very low at 0.03%.
Remote code execution in Google Chrome versions prior to 149.0.7827.53 stems from a use-after-free flaw in the WebRTC component, enabling a remote attacker to execute arbitrary code inside the renderer sandbox by luring a victim to a crafted HTML page. The issue is rated High severity by Chromium and carries a CVSS 3.1 score of 8.8 (AV:N/AC:L/PR:N/UI:R), reflecting low complexity and no privilege requirement but requiring user interaction. No public exploit identified at time of analysis, and the CVE is not listed in CISA KEV.
Sandbox escape in Google Chrome's ANGLE graphics layer prior to version 149.0.7827.53 allows a remote attacker to break out of the renderer sandbox via a crafted HTML page when a victim visits a malicious site. The flaw is rated CVSS 9.6 due to scope change (S:C) and full CIA impact, though EPSS estimates only a 0.05% near-term exploitation probability and no public exploit has been identified at time of analysis.
Cross-origin data leakage in Google Chrome's Dawn WebGPU implementation prior to version 149.0.7827.53 allows a remote attacker to read sensitive data from other origins by luring a user to a crafted HTML page. Chromium rates this High severity and a vendor patch is available, though no public exploit has been identified at time of analysis and EPSS places exploitation probability at 1.64% (82nd percentile).
Sandbox escape in Google Chrome on Linux prior to 149.0.7827.53 allows a remote attacker to break out of the renderer process by luring a user to a crafted HTML page that triggers a use-after-free in the Ozone display/windowing layer. Google rates the underlying Chromium issue as High severity and a vendor patch is available; no public exploit identified at time of analysis and the EPSS score is very low (0.03%).
Sandbox escape in Google Chrome on Windows prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page abusing the Printing component. Chromium rates the issue High severity and a vendor patch is available, though no public exploit has been identified at time of analysis and EPSS remains very low at 0.05%.
Sandbox escape in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page abusing the InterestGroups component. Google rates the Chromium severity as High, and CVSS scores it 8.3 with a changed scope reflecting the cross-boundary impact. No public exploit identified at time of analysis, though a vendor patch is available.
Privilege escalation in Google Chrome's Extensions component prior to version 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to escape sandbox restrictions via a crafted HTML page. Chromium rates the issue High severity; no public exploit has been identified at time of analysis and SSVC reports exploitation status as none, though the technical impact is total if chained successfully.
Cross-origin data disclosure in Google Chrome on Windows prior to 149.0.7827.53 allows remote attackers who have already compromised the renderer process to leak data from other origins via a crafted HTML page in the Dawn (WebGPU) component. Google rates the underlying issue High severity, but no public exploit identified at time of analysis and EPSS exploitation probability is very low at 0.05%.
Sandbox escape in Google Chrome on Android prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the Chrome sandbox via a crafted HTML page that triggers a use-after-free in the SurfaceCapture component. The flaw is rated High severity by Chromium and carries a CVSS 3.1 score of 8.3 with scope change, reflecting that successful exploitation crosses the renderer/browser security boundary. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Sandbox escape in Google Chrome versions prior to 149.0.7827.53 allows remote attackers to break out of the renderer process sandbox by delivering a crafted video file processed by the browser's codec implementation. The CVSS 9.6 score reflects a scope-changing impact across confidentiality, integrity, and availability, though exploitation requires user interaction such as visiting a malicious page. No public exploit identified at time of analysis, and EPSS exploitation probability remains low at 0.05%.
Remote code execution in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker to execute arbitrary code inside the renderer sandbox by enticing a victim to visit a crafted HTML page that triggers an integer overflow in DevTools. Google has rated this Chromium issue as High severity and a vendor patch is available; no public exploit identified at time of analysis, and the bug is not currently listed in CISA KEV.
Remote code execution in Google Chrome versions prior to 149.0.7827.53 stems from an integer overflow in the V8 JavaScript engine, enabling a remote attacker to execute arbitrary code within the renderer sandbox via a crafted HTML page. The flaw is rated High severity by Chromium with a CVSS score of 8.8, requires user interaction (visiting a malicious page), and no public exploit has been identified at time of analysis. While exploitation is sandboxed, V8 RCE bugs historically chain with sandbox escapes to achieve full host compromise, making this a priority patch for browser fleets.
Remote code execution in Google Chrome's V8 JavaScript engine prior to version 149.0.7827.53 allows a remote attacker to execute arbitrary code within the renderer sandbox by luring a victim to a crafted HTML page. Google has rated the issue High severity and shipped a stable-channel patch; no public exploit has been identified at time of analysis, and the bug tracker entry remains access-restricted per Chromium's standard disclosure practice.
Remote code execution in Google Chrome before 149.0.7827.53 allows a remote attacker to execute arbitrary code inside the renderer sandbox by luring a user to a crafted HTML page that triggers a type confusion in the Media component. The flaw carries a CVSS 8.8 (High) rating and requires user interaction (visiting a page), and while no public exploit has been identified at time of analysis, Chromium-rated High Media bugs have historically been chained with sandbox escapes for full compromise.
Sandbox escape in Google Chrome for iOS before 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page exploiting a use-after-free condition. The flaw is rated High severity by Chromium and has a CVSS score of 8.3, but no public exploit has been identified at time of analysis and it is not listed in CISA KEV. Successful exploitation typically requires chaining with a separate renderer-compromise primitive, raising the practical bar.
Sandbox escape in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page exploiting an uninitialized memory use in the Codecs component. Google has rated this Chromium security severity as High, and no public exploit has been identified at time of analysis. The flaw requires chaining with a separate renderer compromise, but combined with a renderer RCE it enables full host code execution outside Chrome's sandbox.
Sandboxed remote code execution in Google Chrome on Android prior to 149.0.7827.53 allows a remote attacker to execute arbitrary code inside the renderer sandbox by luring a user to a crafted HTML page. The flaw is a use-after-free in the Input component, rated High by Chromium and 8.8 by CVSS. No public exploit identified at time of analysis, but Chrome UAF bugs in renderer-reachable components are historically high-value targets for chained sandbox escapes.
Remote code execution in Google Chrome for iOS before 149.0.7827.53 allows a remote attacker to execute arbitrary code by enticing a user to visit a crafted HTML page and perform specific UI gestures, triggering a use-after-free condition. Google rates the underlying Chromium issue as High severity, and no public exploit has been identified at time of analysis. The flaw requires user interaction, which somewhat reduces but does not eliminate real-world risk given Chrome's massive install base on iOS.
Remote code execution in Google Chrome versions prior to 149.0.7827.53 stems from a use-after-free flaw in the Glic component, allowing a remote attacker to run arbitrary code within the renderer sandbox by luring a victim to a crafted HTML page. Google has rated the Chromium security severity as High, and a vendor patch is available, though no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.
Type confusion in the ANGLE graphics translation layer of Google Chrome on Windows prior to 149.0.7827.53 enables remote attackers to trigger out-of-bounds memory access through a crafted HTML page, with potential for memory corruption leading to code execution in the renderer process. Chromium rates this High severity and a vendor patch is available, though no public exploit is identified at time of analysis and EPSS exploitation probability is currently 0.03%.
Sandbox escape in Google Chrome on Android versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. The flaw stems from a use-after-free condition in the Core component and is rated High severity by Chromium with a CVSS of 8.3. No public exploit identified at time of analysis, though the bug enables a critical post-exploitation chain step when paired with a renderer RCE.
Heap corruption in Google Chrome for iOS prior to 149.0.7827.53 allows remote attackers to potentially execute arbitrary code by luring a user to a crafted HTML page that triggers a use-after-free condition. Google has rated this as High severity and a vendor patch is available, though no public exploit has been identified at time of analysis. The CVSS 8.8 score reflects network-reachable exploitation with low complexity but requires user interaction (visiting a malicious page).
Heap corruption in Google Chrome on iOS before version 149.0.7827.53 enables remote attackers to potentially execute arbitrary code by enticing a user to interact with a malicious HTML page that triggers a use-after-free in the Autofill component. Chromium rates the underlying flaw as High severity, and while a vendor patch is available, no public exploit has been identified at time of analysis and EPSS remains very low at 0.03%.
Cross-origin data leakage in Google Chrome on iOS (versions prior to 149.0.7827.53) stems from insufficient policy enforcement in the Autofill component, enabling a remote unauthenticated attacker to read sensitive cross-origin data by directing a victim to a crafted HTML page. The CVSS score of 6.5 (Medium) reflects high confidentiality impact with no integrity or availability loss; the attack requires user interaction but no attacker privileges. EPSS probability sits at 0.03% (11th percentile), SSVC reports no current exploitation, and the CVE is absent from CISA KEV, collectively indicating low real-world threat urgency despite the medium severity classification.
Cross-origin data exfiltration via Autofill in Google Chrome on iOS (prior to 149.0.7827.53) allows a remote attacker to leak sensitive data across origin boundaries by directing a victim to a crafted HTML page. The flaw stems from insufficient policy enforcement in the Autofill subsystem - a protection mechanism failure (CWE-693) that bypasses same-origin boundary controls exclusive to the iOS platform build of Chrome. No public exploit code has been identified at time of analysis, and the EPSS score of 0.03% (11th percentile) indicates very low observed exploitation probability. A vendor-released patch is available.
Local privilege escalation in Google Chrome on Windows prior to 149.0.7827.53 enables an attacker who can deliver a malicious file to a victim to elevate privileges via an inappropriate UI implementation. Google's Chromium team rated the severity as High and a stable channel patch has been released, but no public exploit has been identified at time of analysis and the issue is not currently listed in CISA KEV.
Sandbox escape in Google Chrome on Windows prior to 149.0.7827.53 enables a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page that triggers a race condition in the Codecs component. Chromium rates this High severity, and while no public exploit was identified at time of analysis, the bug fits the classic renderer-to-sandbox-escape pattern frequently chained in real-world Chrome exploit kits. CVSS is 8.3 reflecting high attack complexity, required user interaction, and a scope change.
Remote code execution in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker to run arbitrary code inside the renderer sandbox by luring a victim to a crafted HTML page that triggers a use-after-free in the WebRTC component. The flaw carries a CVSS 3.1 score of 8.8 (High) and Chromium rates the security severity as High; no public exploit has been identified at time of analysis and the issue is not currently listed in CISA KEV.
Site isolation bypass in Google Chrome prior to 149.0.7827.53 enables a remote attacker - who has already compromised the renderer process - to escape cross-origin protections via a crafted HTML page. The vulnerability stems from inappropriate handling of the Input component (CWE-20: Improper Input Validation) within Chromium's renderer, allowing crafted input to undermine the site isolation security boundary and produce high-integrity impact against cross-origin resources. No public exploit has been identified at time of analysis, and EPSS places exploitation probability at 0.02% (6th percentile), consistent with the renderer pre-compromise prerequisite that constrains standalone exploitation.
Same-origin policy bypass in Google Chrome's Passwords component prior to version 149.0.7827.53 allows remote attackers to access cross-origin resources via a crafted HTML page that a victim must visit. Rated High severity by Chromium with a CVSS of 8.1, the flaw enables exposure or modification of sensitive data across origin boundaries when a user is lured to attacker-controlled content. EPSS probability is very low (0.02%, 4th percentile) and no public exploit identified at time of analysis, but a vendor patch is available.
Remote code execution in Google Chrome's V8 JavaScript engine prior to version 149.0.7827.53 allows attackers to execute arbitrary code within the renderer sandbox by luring a user to a malicious web page. The flaw stems from a type confusion bug rated High severity by Chromium's security team, and while no public exploit has been identified at time of analysis, V8 type confusion bugs are historically high-value targets for browser exploitation chains. A vendor patch is available.
Remote code execution in Google Chrome V8 JavaScript engine prior to version 149.0.7827.53 allows a remote attacker to execute arbitrary code inside the renderer sandbox by serving a crafted HTML page to a victim. The flaw is a type confusion bug (CWE-843) in V8 rated High severity by Chromium, with no public exploit identified at time of analysis and SSVC indicating exploitation status 'none' from CISA's framework.
Sandbox escape in Google Chrome on Android prior to 149.0.7827.53 allows a remote attacker who already controls the renderer process to break out of the browser sandbox via a crafted HTML page that triggers a use-after-free in the Autofill component. Chromium rates the severity High and a vendor patch is available; no public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Sandbox escape in Google Chrome on Windows before 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out via a use-after-free in the Audio component when a victim loads a crafted HTML page. Chromium rates the issue High severity and Google has shipped a stable-channel fix, but no public exploit identified at time of analysis and the bug is not listed in CISA KEV.
Heap corruption in Google Chrome on Android before 149.0.7827.53 enables remote attackers to exploit a use-after-free condition in the browser's UI component through a malicious web page. The flaw carries a CVSS 8.8 (High) rating and requires user interaction (visiting a crafted page), with no public exploit identified at time of analysis. Google rates the underlying Chromium severity as High, and a vendor patch is available in the stable channel update.
Sandbox escape in Google Chrome's FileSystem component prior to version 149.0.7827.53 allows a remote attacker to break out of the renderer sandbox via a crafted HTML page that triggers a use-after-free condition. Successful exploitation requires the victim to interact with attacker-controlled web content, but yields a scope change from the constrained renderer process to higher-privileged host context. EPSS is currently low (0.03%) and no public exploit has been identified at time of analysis, though Google rates the underlying Chromium severity as High.
Out-of-bounds memory read in Google Chrome's ANGLE graphics layer on macOS versions prior to 149.0.7827.53 allows remote attackers to disclose memory contents or crash the renderer by enticing a user to visit a crafted HTML page. Google rates the underlying Chromium issue as High severity, and while no public exploit is identified at time of analysis, the EPSS score of 0.03% suggests low near-term mass exploitation likelihood. The flaw requires user interaction (visiting a page) but no authentication, making drive-by web attacks the realistic threat model.
Sandbox escape in Google Chrome on Android prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page that triggers a heap buffer overflow in ANGLE. Chromium rates the severity as High, and although no public exploit is identified at time of analysis, the CVSS 8.3 score with scope change reflects the cross-boundary impact when chained with a renderer RCE. This is a classic second-stage bug used in browser exploit chains rather than a standalone one-click compromise.
Remote code execution in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker to execute arbitrary code through a crafted HTML page that triggers script injection in the Headless component. The flaw is rated High severity by Chromium and carries a CVSS 3.1 base score of 8.8, requiring only that a victim load attacker-controlled web content. No public exploit identified at time of analysis, but Google has released a fix in the Stable channel update for desktop.
Sandbox escape in Google Chrome versions prior to 149.0.7827.53 can be achieved by remote attackers who have already compromised the renderer process, leveraging an out-of-bounds read in the Dawn WebGPU implementation via a crafted HTML page. Google rates this as High severity and a vendor patch is available, though no public exploit has been identified at time of analysis. The bug is part of a multi-stage exploitation chain rather than a single-step RCE, but successful chaining yields full escape from Chrome's renderer sandbox.
Remote code execution in Google Chrome versions prior to 149.0.7827.53 allows an attacker on the same local network segment (adjacent network) to execute arbitrary code by sending malicious traffic to the browser's Cast component. The flaw stems from a use-after-free memory corruption issue in the Cast feature (used for media streaming to devices like Chromecast) and is rated High severity by Chromium with a CVSS score of 8.8. No public exploit identified at time of analysis, though a vendor patch has been released.
Sandbox escape in Google Chrome on macOS prior to 149.0.7827.53 lets a remote attacker who has already compromised the renderer process break out of the Chromium sandbox via a crafted HTML page that triggers an out-of-bounds write in Skia. Google rates the underlying Chromium issue High severity and a vendor patch is available, though no public exploit code has been identified at time of analysis.
Sandbox escape in Google Chrome's Chromecast component prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. Rated High severity by the Chromium project with a CVSS of 8.3, the flaw requires a prior renderer compromise and user interaction, and no public exploit identified at time of analysis. Successful exploitation gives attackers code execution outside the renderer's restricted context, dramatically expanding impact on the host.
Arbitrary code execution in Google Chrome for Android prior to 149.0.7827.53 stems from a use-after-free flaw in the WebAppInstalls component, triggered when a victim opens a malicious file. Although the CVSS vector lists a network attack vector with high impact across confidentiality, integrity, and availability, exploitation requires user interaction and no public exploit identified at time of analysis. EPSS probability is very low (0.01%) and SSVC indicates no observed exploitation, suggesting the immediate threat is limited despite the High severity rating from Chromium.
Same-origin policy bypass in Google Chrome's DevTools component prior to version 149.0.7827.53 allows remote attackers to violate browser security boundaries when victims perform specific UI gestures on attacker-controlled pages. The flaw stems from insufficient validation of untrusted input within DevTools and is rated High severity by Chromium with a CVSS of 8.8, though no public exploit identified at time of analysis and EPSS is very low at 0.02%.
Sandbox escape in Google Chrome versions prior to 149.0.7827.53 is possible via an integer overflow in the Dawn WebGPU implementation, allowing a remote attacker who has already compromised the renderer process to break out of the browser sandbox using a crafted HTML page. Google rates the Chromium severity as High and a vendor patch is available; no public exploit identified at time of analysis and the issue is not currently listed in CISA KEV.
Sandbox escape in Google Chrome on macOS prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page abusing the WebShare component. The bug is rated High severity by Chromium and carries a CVSS 8.3 with scope change reflecting the sandbox boundary crossing, though no public exploit has been identified at time of analysis.
Sandbox escape in Google Chrome's ANGLE graphics layer (versions prior to 149.0.7827.53) allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. The flaw is a use-after-free (CWE-416) rated High severity by Chromium and CVSS 8.3, and while no public exploit is identified at time of analysis, sandbox escapes in ANGLE have historically been chained with renderer RCE bugs to achieve full system compromise.
Sandbox escape in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a use-after-free flaw in the Viz compositor component. Exploitation requires a crafted HTML page and victim interaction, and Google has rated the underlying Chromium security severity as High. No public exploit has been identified at time of analysis, but this class of bug is historically chained with renderer RCE bugs to achieve full browser compromise.
Sandbox escape in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page exploiting insufficient input validation in the Media component. Google rates the Chromium security severity as High, and no public exploit has been identified at time of analysis. Successful exploitation requires chaining with a separate renderer compromise plus user interaction, raising attack complexity but yielding full host-level impact if achieved.
Universal Cross-Site Scripting (UXSS) in Google Chrome's DevTools component allows an attacker who has already compromised the renderer process to inject arbitrary scripts or HTML across security origins via a crafted HTML page, bypassing the same-origin policy. Affected versions are all Chrome releases prior to 149.0.7827.53. No public exploit code exists and no active exploitation has been observed; this vulnerability functions as a second-stage capability within a broader attack chain requiring prior renderer compromise.
Sandbox escape in Google Chrome on iOS prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. The flaw is a use-after-free in the Core component rated High severity by Chromium, and no public exploit identified at time of analysis. Exploitation requires user interaction (visiting a malicious page) and chaining with a prior renderer compromise, raising the practical bar despite the 8.3 CVSS score.
Remote code execution in Google Chrome's ANGLE graphics layer on Windows prior to version 149.0.7827.53 allows attackers to execute arbitrary code inside the renderer sandbox when a victim visits a crafted HTML page. The flaw is a use-after-free (CWE-416) memory corruption issue rated High severity by Chromium, requires user interaction to trigger, and no public exploit has been identified at time of analysis.
Remote code execution in Google Chrome on Windows (versions prior to 149.0.7827.53) is possible through a use-after-free vulnerability in the ANGLE graphics translation layer, triggered when a victim visits a crafted HTML page. Successful exploitation yields arbitrary code execution constrained to the Chrome renderer sandbox, with Chromium rating the severity as High and CVSS scored at 8.8. There is no public exploit identified at time of analysis and CISA SSVC marks exploitation status as none, but the bug class (UAF in GPU translation) is historically a popular target for chained sandbox escapes.
Same-origin policy bypass in Google Chrome's Extensions component prior to version 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to perform unauthorized cross-origin actions via a crafted HTML page. The vulnerability stems from insufficient input validation (CWE-20) in the Extensions subsystem and carries a CVSS integrity impact of High with no confidentiality or availability loss. No active exploitation has been confirmed - EPSS sits at 0.02% (6th percentile), SSVC exploitation status is 'none', and the CVE is not listed in CISA KEV - but a vendor-released patch is available.
Sandbox escape in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page abusing the Media component. Google rates the issue High severity and a vendor patch is available, though no public exploit has been identified at time of analysis.
Remote code execution in Google Chrome's V8 JavaScript engine prior to version 149.0.7827.53 allows a remote attacker to execute arbitrary code inside the renderer sandbox via a crafted HTML page. The flaw is a type confusion bug (CWE-843) rated High severity by Chromium with a CVSS 8.8 score; no public exploit identified at time of analysis and the vulnerability is not currently listed in CISA KEV. User interaction is required, as the victim must visit attacker-controlled or compromised content.
Sandbox escape in Google Chrome versions prior to 149.0.7827.53 enables a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a use-after-free flaw in the Dawn WebGPU implementation. Exploitation requires luring a victim to a crafted HTML page and chaining this bug with a prior renderer compromise, but the impact is full sandbox escape with high confidentiality, integrity, and availability consequences. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.
Out-of-bounds write in the ANGLE graphics layer of Google Chrome versions prior to 149.0.7827.53 enables remote attackers to trigger heap corruption and potentially execute arbitrary code by luring a victim to a crafted HTML page. Chromium rates the severity as High and CVSS 8.8 reflects the network attack vector with required user interaction. No public exploit identified at time of analysis, though the bug class (memory corruption in a browser-exposed component) is historically a prime target for weaponization.
Heap corruption in Google Chrome's WebAuthentication component prior to version 149.0.7827.53 allows remote attackers to potentially execute arbitrary code through a crafted HTML page combined with user interaction. The flaw is a use-after-free (CWE-416) rated High severity by Chromium and carries a CVSS 7.5 score, though exploitation requires specific UI gestures from the victim. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.
Sandbox escape in Google Chrome prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a use-after-free in the Network component, triggered by a crafted HTML page. Chromium rates the severity as High and a vendor patch is available; no public exploit identified at time of analysis.
Remote code execution in Google Chrome's V8 JavaScript engine prior to version 149.0.7827.53 allows a remote attacker to execute arbitrary code within the browser sandbox by luring a user to a crafted HTML page. Rated High severity by Chromium with a CVSS 8.8, the flaw requires user interaction (visiting a malicious site) but no authentication or privileges. No public exploit has been identified at the time of analysis, and the issue is not currently listed in CISA KEV.