Google Chrome, Use After Free, CVE-2026-5273 (High) -DC-Jun2026-55

Listen to this Post

Use after free in CSS in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
This vulnerability, identified as CVE-2026-5273, is a use-after-free (UAF) flaw within the Cascading Style Sheets (CSS) processing component of the Chromium browser engine, specifically affecting Google Chrome. The core issue arises from improper memory management where, after certain CSS data structures are deallocated, the browser fails to clear all references to that memory. Consequently, a dangling pointer remains. An attacker can craft a malicious HTML page with specific, timed CSS manipulations that force the browser to free a memory block but then later, through a series of calls, trigger a function that dereferences this expired pointer. At this point, the memory may have been reallocated for a different purpose. If the attacker can control the content placed in that reused memory, they can influence the browser’s execution flow. By carefully orchestrating the state of the heap, the dangling pointer can be made to point to attacker-controlled data or a fake object structure. When the browser’s CSS engine subsequently calls a function pointer or a virtual method from this corrupted structure, the attacker can redirect code execution. This allows running arbitrary shellcode within the security context of the browser’s renderer process, which operates inside a sandbox. While the sandbox is a critical mitigation, this flaw could be chained with other vulnerabilities to achieve a full system compromise.

DailyCVE Form:

Platform: Google Chrome
Version: < 146.0.7680.178
Vulnerability: Use after free
Severity: High
date: 2026-04-01

Prediction: 2026-04-08

What Undercode Say:

Detection with Google Chrome version command
google-chrome --version
Check for any existing Chromium security patches on Debian-based systems
dpkg -l | grep chromium
Update Chrome using Windows command line (example)
"C:\Program Files\Google\Chrome\Application\chrome.exe" --version
Manual update check URL
start chrome://settings/help
Update Chromium on openSUSE
zypper in -t patch openSUSE-2026-113=1

Exploit:

Exploitation of CVE-2026-5273 relies on a precise memory layout. The attacker first triggers the initial free condition via crafted CSS, then forces a reallocation to claim the freed space with a fake object. Finally, a CSS operation dereferences the dangling pointer, causing the browser to execute the fake object’s virtual functions. This can bypass basic mitigations like heap partitioning and lead to code execution within the sandbox. While no public proof-of-concept is currently available, the vulnerability is considered high-risk due to its remote, network-accessible nature.

Protection:

Immediately update Google Chrome to version 146.0.7680.178 or later. Enterprise environments should enforce minimum version requirements for all managed Chrome installations. Until patching is complete, users should avoid visiting untrusted websites and exercise caution with suspicious links. Additionally, consider enabling browser sandboxing features and deploying web application firewalls to filter malicious content.

Impact:

A successful exploit could lead to arbitrary code execution inside the Chrome sandbox. While the sandbox restricts direct access to the operating system, this flaw represents a critical stepping stone for a sandbox escape, potentially leading to full system compromise if chained with other vulnerabilities.

🎯Let’s Practice Exploiting & Learn Patching For Free:

🎓 Live Courses & Certifications:

Join Undercode Academy for Verified Certifications

🚀 Request a Custom Project:

Secure, high-velocity infrastructure and disruptive technological engineering. Contact our engineering team for high-tier development and proprietary systems:
[email protected]
💎 Smart Architecture | 🛡️ Secure by Design | ⭐ Trusted by Thousands

Sources:

Reported By: nvd.nist.gov
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top