Use After Free Vulnerability in Google Chrome by Google
CVE-2026-13036

8.8HIGH

Key Information:

Vendor

Google

Status
Vendor
CVE Published:
24 June 2026

What is CVE-2026-13036?

A vulnerability in Blink, a major component of Google Chrome, allows a remote attacker to exploit a use after free condition. By crafting a malicious HTML page and enticing a user to visit it, an attacker can execute arbitrary code within the browser's sandbox. This bypasses security measures and potentially compromises user data. Users are encouraged to update to the latest version of Google Chrome to mitigate this risk.

Affected Version(s)

Chrome 149.0.7827.197

References

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.