Use After Free Vulnerability in DigitalCredentials of Google Chrome
CVE-2026-12440

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 17 June 2026

What is CVE-2026-12440?

A vulnerability exists in the DigitalCredentials component of Google Chrome on Windows, allowing remote attackers to potentially execute a sandbox escape. This is achieved through the manipulation of crafted HTML pages, which can exploit the use-after-free scenario, leading to unexpected behavior and potential unauthorized access to sensitive data or system resources.

Affected Version(s)

Chrome 149.0.7827.155

References

https://chromereleases.googleblog.com/2026/06/stable-chan...

https://issues.chromium.org/issues/519731619

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 17, 2026
Vulnerability Reserved
Jun 16, 2026

CVE-2026-12440 Data

JSON