Google Chrome: Untrusted Code Can Run in Sandbox

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Google Chrome: Untrusted Code Can Run in Sandbox

CVE-2026-5860

Summary

A security issue in older versions of Google Chrome allows an attacker to run malicious code on your computer via a specially crafted website. This can potentially lead to unauthorized access to your system. Update your Chrome browser to the latest version to fix the issue.

Original title

Use after free in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Original description

Use after free in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Vulnerability type

CWE-416 Use After Free

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop....
https://issues.chromium.org/issues/486495143

Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026