cve-2026-6302

About this tag
CVE-2026-6302 is a high-severity use-after-free vulnerability in Google Chrome's Video component, patched in Chrome version 147.0.7727.101 for Linux and 147.0.7727.101/102 for Windows and Mac. The flaw could allow a remote attacker to achieve arbitrary code execution inside the browser sandbox by tricking a victim into visiting a crafted HTML page. Google disclosed the fix on Wednesday, April 15, 2026, and the update is rolling out to stable-channel users. This tag covers discussions about the vulnerability, its impact, and the patching process for Chrome users.
  1. Chrome CVE-2026-6302 Patched: Use-After-Free Video Bug Enables Sandbox RCE

    Google has patched CVE-2026-6302, a high-severity use-after-free flaw in Chrome’s Video component, in Chrome version 147.0.7727.101 for Linux and 147.0.7727.101/102 for Windows and Mac. The issue could let a remote attacker achieve arbitrary code execution inside the browser sandbox by luring a...