Use After Free Vulnerability in Google Chrome Payments
CVE-2026-15117

Currently unrated

Key Information:

Vendor

Google

Status
Vendor
CVE Published:
8 July 2026

What is CVE-2026-15117?

A use after free vulnerability was discovered in the Payments component of Google Chrome, allowing remote attackers to exploit heap corruption by convincing users to perform specific UI gestures on a specially crafted HTML page. This flaw could lead to unexpected behavior and potentially permit unauthorized actions within the browser.

Affected Version(s)

Chrome 150.0.7871.115

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.