Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Google Chrome on Android: Remote attacker can escape sandbox
CVE-2026-5288
Summary
A security flaw in Google Chrome on Android before a specific version allows a hacker who has already taken control of the browser's internal processes to potentially break out of the security sandbox and access more sensitive parts of the system. This could lead to further exploitation and data theft. Update to the latest version of Google Chrome to fix this issue.
Original title
Use after free in WebView in Google Chrome on Android prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafte...
Original description
Use after free in WebView in Google Chrome on Android prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Vulnerability type
CWE-416
Use After Free
Published: 1 Apr 2026 · Updated: 1 Apr 2026 · First seen: 1 Apr 2026