Memory Corruption Vulnerability in Yandex Browser for Desktop
CVE-2023-26226

7.4HIGH

Key Information:

Vendor: Yandex
Status: Browser
Vendor: CVE Published:; 30 May 2025

What is CVE-2023-26226?

A memory corruption vulnerability has been identified in Yandex Browser for Desktop, which can potentially be exploited if an application mistakenly accesses a memory location that has already been freed. This issue affects earlier versions of the browser, making it crucial for users to update to version 24.4.0.682 or later to mitigate risks associated with this flaw.

Affected Version(s)

Browser Windows 0 < 24.4.0.682

References

https://yandex.com/bugbounty/i/hall-of-fame-browser/

CVSS V4

Score:

7.4

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 30, 2025
Vulnerability Reserved
Feb 20, 2023

Credit

khangkito