Use After Free Vulnerability in Google Chrome Extensions
CVE-2026-12467

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 17 June 2026

What is CVE-2026-12467?

A use after free vulnerability has been discovered in Google Chrome Extensions, affecting versions prior to 149.0.7827.155. This flaw allows a remote attacker who gains control over the renderer process to potentially execute a sandbox escape by leveraging a specially crafted HTML page. It emphasizes the importance of keeping your browser updated to mitigate potential security risks associated with compromised extensions.

Affected Version(s)

Chrome 149.0.7827.155

References

https://chromereleases.googleblog.com/2026/06/stable-chan...

https://issues.chromium.org/issues/520202726

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 17, 2026
Vulnerability Reserved
Jun 16, 2026

CVE-2026-12467 Data

JSON