CVE-2026-7344

· NIST NVD ↗

Use after free in Accessibility in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

HIGH
CVSS severity
8.8
CVSS base score
2026-04-28
Published

CWE codes

CWE-416

Affected products

google:chromeapple:macoslinux:linux_kernelmicrosoft:windows

Sources