Home / Vulnerability Intelligence / CVE-2026-2321

CVE-2026-2321 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: February 13, 2026

Google Chrome - Use After Free

Published: February 11, 2026Updated: February 13, 2026Remote Exploitable

Overview

Google Chrome < 145.0.7632.45 contains a use after free caused by improper handling of UI gestures in Ozone, letting remote attackers potentially exploit heap corruption via crafted HTML pages, exploit requires user interaction.

Severity & Score

Severity: High

CVSS Score: 8.8

EPSS Score: 10.8%(Probability of exploitation in next 30 days)

Impact

Remote attackers can exploit heap corruption, potentially leading to arbitrary code execution or browser crash.

Mitigation

Update to version 145.0.7632.45 or later.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Feb 14, 2026

🟠 CVE-2026-2321 - High (8.8) Use after free in Ozone in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2321/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-2321
Severity: High
CVSS Score: 8.8
Type: use_after_free
Status: confirmed
EPSS: 10.8%
Social Posts: 1

CWE

CWE-416

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

10.8%Probability of exploitation in the next 30 days