LeakyCreds
NewInstant webhook alerts now available — notified within seconds of any credential detection.Learn more →
Home / Vulnerability Intelligence / CVE-2026-7343

CVE-2026-7343 - Vulnerability Analysis

CriticalCVSS: 9.8

Last Updated: April 29, 2026

Google Chrome - Use After Free

Published: April 28, 2026Updated: April 29, 2026Remote Exploitable

Overview

Google Chrome < 147.0.7727.138 on Windows contains a use after free vulnerability in Views, letting remote attackers who compromised the renderer process potentially perform a sandbox escape via crafted HTML, exploit requires compromised renderer process.

Severity & Score

Severity: Critical
CVSS Score: 9.8
EPSS Score: 3.5%(Probability of exploitation in next 30 days)

Impact

Attackers with renderer process access can escape sandbox, potentially leading to full system compromise.

Mitigation

Update to version 147.0.7727.138 or later.

References

Social Media Activity(2 posts)

OffSequence
OffSequence
@offseq
Apr 29, 2026

⚠️ CRITICAL: CVE-2026-7343 in Chrome (Windows <147.0.7727.138) is a use-after-free in Views that could allow renderer sandbox escape. Patch ASAP to mitigate. No known exploits yet. https://radar.offseq.com/threat/cve-2026-7343-use-after-free-in-google-chrome-6725c92f #OffSeq #Chrome #Vulnerability #Security

View original post
OffSequence
OffSequence
@offseq
Apr 29, 2026

⚠️ CRITICAL: CVE-2026-7343 in Chrome (Windows <147.0.7727.138) is a use-after-free in Views that could allow renderer sandbox escape. Patch ASAP to mitigate. No known exploits yet. https://radar.offseq.com/threat/cve-2026-7343-use-after-free-in-google-chrome-6725c92f #OffSeq #Chrome #Vulnerability #Security

View original post

Related Resources

Details

CVE ID
CVE-2026-7343
Severity
Critical
CVSS Score
9.8
Type
use_after_free
Status
new
EPSS
3.5%
Social Posts
2

CWE

  • CWE-416

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

3.5%Probability of exploitation in the next 30 days