Use After Free Vulnerability in Google Chrome for Android
CVE-2026-12442

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 17 June 2026

What is CVE-2026-12442?

This vulnerability arises from improper memory management within Google Chrome on Android, specifically due to a use after free condition in the Passwords component. An attacker can exploit this flaw by crafting a malicious HTML page that, when visited by a user, can lead to arbitrary code execution. This can allow the attacker to gain unauthorized access to sensitive data or perform actions on behalf of the user without their consent.

Affected Version(s)

Chrome 149.0.7827.155

References

https://chromereleases.googleblog.com/2026/06/stable-chan...

https://issues.chromium.org/issues/521950423

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 17, 2026
Vulnerability Reserved
Jun 16, 2026

CVE-2026-12442 Data

JSON