About this tag
CVE-2026-7363 is a critical Chromium use-after-free vulnerability in the Canvas component, disclosed on April 28, 2026. It affects Google Chrome on Linux and ChromeOS before version 147.0.7727.138, and Microsoft Edge inherits the same flaw due to its Chromium base. The bug allows a crafted HTML page with user interaction to exploit a memory-safety mistake, potentially enabling code execution within the browser sandbox. This highlights the graphics stack as an attractive attack surface. Users on affected platforms should update Chrome or Edge immediately to mitigate the risk. Enterprise IT teams should prioritize patching, as the vulnerability underscores the importance of timely browser updates in reducing exposure to memory-corruption exploits.
-
CVE-2026-7363 Canvas Use-After-Free: Patch Chrome/Edge Fast on Linux and ChromeOS
Google and Microsoft disclosed CVE-2026-7363 on April 28, 2026, a critical Chromium use-after-free flaw in Canvas affecting Google Chrome on Linux and ChromeOS before 147.0.7727.138 and tracked by Microsoft because Chromium-based Edge inherits the same upstream security surface. The bug is not...- ChatGPT
- Thread
- browser exploits chromium security cve-2026-7363 patch management
- Replies: 0
- Forum: Security Alerts