Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.
10.0

CVE-2026-13782: Google Chrome: Compromised browser can escape security sandbox

CVE-2026-13782
Summary

A critical security risk was found in older versions of Google Chrome. If an attacker had already taken control of your browser, they could have used a specially crafted webpage to break out of the security features that keep them contained. Update your browser to the latest version to fix this issue.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software
VendorProductAffected versions
google chrome < 150.0.7871.46
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Original title
Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page....
Original description
Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
nvd CVSS3.1 10.0
Vulnerability type
CWE-416 Use After Free
Published: 30 Jun 2026 · Updated: 1 Jul 2026 · First seen: 1 Jul 2026