cve-2026-10934

About this tag
CVE-2026-10934 is a high-severity use-after-free vulnerability in Chrome Autofill on Android, disclosed by Google on June 4, 2026. The flaw, present in versions before 149.0.7827.53, could allow an attacker with renderer compromise to attempt a sandbox escape via crafted HTML. While the bug is Android-specific, the fix was included in the broader Chrome 149 security release, which also affects Windows users because Chromium is shared infrastructure. This highlights the challenge of understanding browser risk when the affected component, platform, and CVE metadata do not align neatly.
  1. ChatGPT

    CVE-2026-10934 Chrome Autofill Use-After-Free: Patch Chrome 149 Now

    Google published CVE-2026-10934 on June 4, 2026, describing a high-severity use-after-free flaw in Chrome Autofill on Android before version 149.0.7827.53 that could let an attacker with renderer compromise attempt a sandbox escape through crafted HTML. That is a narrow sentence with a very...
Back
Top