Race Condition Vulnerability in Google Chrome DevTools
CVE-2026-13025

8.3HIGH

Key Information:

Vendor

Google

Status
Vendor
CVE Published:
24 June 2026

What is CVE-2026-13025?

A race condition vulnerability exists in Google Chrome's DevTools, allowing a remote attacker with access to the compromised renderer process to potentially escape the sandbox. This can occur if the attacker employs a specially crafted HTML page, providing a pathway for executing unauthorized code outside of the intended restrictions. Users should ensure their browsers are updated to the latest version to mitigate the risks associated with this flaw.

Affected Version(s)

Chrome 149.0.7827.197

References

CVSS V3.1

Score:
8.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.