CVE-2026-9874

CRITICAL

Use after free in Dawn in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

CVSS v3.1 Score

9.6

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Attack Vector

NETWORK

Complexity

LOW

Privileges

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Published: 5/28/2026Modified: 5/29/2026

Related Intelligence (1)

CRITICALVulnerability

NVD CRITICAL: CVE-2026-9874 — Use after free in Dawn in Google Chrome prior to 148.0.7778.216 allowed a remote...

Use after free in Dawn in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

CVE-2026-9874

4d agoNIST NVD

References (2)

https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.htmlVendor Advisory https://issues.chromium.org/issues/500609038Permissions Required