Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
Google Chrome Android Heap Corruption via HTML Page
DEBIAN-CVE-2026-10932
Summary
Google Chrome on Android devices is affected by a vulnerability that could allow a malicious website to crash the browser or potentially steal sensitive information. This issue is particularly concerning because it can be exploited remotely by an attacker. To stay protected, ensure you're running the latest version of Google Chrome on your Android device.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Debian:11 | debian | chromium | All versions |
| Debian:12 | debian | chromium | All versions |
| Debian:13 | debian | chromium | All versions |
| Debian:14 | debian | chromium | All versions |
Original title
Use after free in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Original description
Use after free in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
osv CVSS3.1
8.8
- https://security-tracker.debian.org/tracker/CVE-2026-10932 Vendor Advisory
Published: 4 Jun 2026 · Updated: 5 Jun 2026 · First seen: 5 Jun 2026