Use After Free Vulnerability in Google Chrome Extensions
CVE-2026-12445

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 17 June 2026

What is CVE-2026-12445?

A use after free vulnerability exists in the Extensions component of Google Chrome prior to version 149.0.7827.155. This flaw allows an attacker to exploit heap corruption by persuading a user to install a malicious extension. If exploited, this vulnerability could facilitate unauthorized access or control over sensitive user data and system resources, highlighting the importance of securing browser environments against potential threats.

Affected Version(s)

Chrome 149.0.7827.155

References

https://chromereleases.googleblog.com/2026/06/stable-chan...

https://issues.chromium.org/issues/513199795

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 17, 2026
Vulnerability Reserved
Jun 16, 2026

CVE-2026-12445 Data

JSON