Home / Vulnerability Intelligence / CVE-2026-6359

CVE-2026-6359 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: April 15, 2026

Google Chrome - Use After Free

Published: April 15, 2026Updated: April 15, 2026Remote Exploitable

Overview

Google Chrome on Windows < 147.0.7727.101 contains a use after free vulnerability in Video component, caused by improper memory handling, letting remote attackers with compromised renderer process perform out of bounds memory access via crafted HTML page.

Severity & Score

Severity: High

CVSS Score: 8.8

Impact

Remote attackers with renderer process control can perform out of bounds memory access, potentially leading to code execution or browser crash.

Mitigation

Update to version 147.0.7727.101 or later.

References

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
https://issues.chromium.org/issues/490251701

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-6359
Severity: High
CVSS Score: 8.8
Type: use_after_free
Status: new

CWE

CWE-416

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H