CVE-2026-13782
Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Ver en NVDAnálisis
Esta vulnerabilidad critica de tipo Use After Free en Google Chrome permite a un atacante remoto realizar un escape del sandbox del navegador mediante una pagina HTML maliciosa. Con un puntaje CVSS de 10.0, este fallo compromete la seguridad del sistema operativo anfitrion en entornos de desarrollo y produccion. Se recomienda actualizar inmediatamente a la version 150.0.7871.47 o superior en Windows, macOS y Linux.
Roles relevantes
Severidad
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HCWE-416EPSS
Afecta
google:chromeapple:macoslinux:linux_kernelmicrosoft:windowsDescripción técnica
Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)