cve 2026 10923

CVE-2026-10923 is a high-severity Google Chrome for Android vulnerability published by NVD on June 4, 2026, affecting Chrome versions before 149.0.7827.53. It describes a WebAppInstalls use-after-free flaw that could allow arbitrary code execution through a malicious file. This tag covers discussions about the technical details of the vulnerability, its impact on Android devices, and the importance of proper CPE matching to identify vulnerable assets. It also serves as a case study in how modern browser CVEs can be technically narrow and operationally awkward, emphasizing the need for careful patch management and asset inventory.