CVE-2026-7352

· NIST NVD ↗

Use after free in Media in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

HIGH

CVSS severity

8.3

CVSS base score

2026-04-28

Published

CWE codes

CWE-416

Affected products

google:chromeapple:macoslinux:linux_kernelmicrosoft:windows

Sources

NIST NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-7352