Use After Free Vulnerability in Google Chrome Browser
CVE-2026-6309

8.3HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 15 April 2026

What is CVE-2026-6309?

A use after free vulnerability exists in the Viz component of Google Chrome versions prior to 147.0.7727.101, which can be exploited by an attacker who has compromised the renderer process. This flaw allows the potential for a sandbox escape through the execution of a specially crafted HTML page, posing significant security risks to users. It is crucial for users to update their browsers to the latest version to mitigate this vulnerability.

Affected Version(s)

Chrome 147.0.7727.101

References

https://chromereleases.googleblog.com/2026/04/stable-chan...

https://issues.chromium.org/issues/497846428

CVSS V3.1

Score:

8.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 15, 2026
Vulnerability Reserved
Apr 14, 2026

CVE-2026-6309 Data

JSON