You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2026-10934
About this tag
CVE-2026-10934 is a high-severity use-after-free vulnerability in Chrome Autofill on Android, disclosed by Google on June 4, 2026. The flaw, present in versions before 149.0.7827.53, could allow an attacker with renderer compromise to attempt a sandbox escape via crafted HTML. While the bug is Android-specific, the fix was included in the broader Chrome 149 security release, which also affects Windows users because Chromium is shared infrastructure. This highlights the challenge of understanding browser risk when the affected component, platform, and CVE metadata do not align neatly.
Google published CVE-2026-10934 on June 4, 2026, describing a high-severity use-after-free flaw in Chrome Autofill on Android before version 149.0.7827.53 that could let an attacker with renderer compromise attempt a sandbox escape through crafted HTML. That is a narrow sentence with a very...