CVE-2026-6919

· NIST NVD ↗

Use after free in DevTools in Google Chrome prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

CRITICAL
CVSS severity
9.6
CVSS base score
2026-04-23
Published

CWE codes

CWE-416

Affected products

google:chromegoogle:androidlinux:linux_kernelmicrosoft:windows

Sources