CVE-2026-5289 - Vulnerability Analysis
CriticalCVSS: 9.6Last Updated: April 1, 2026
Google Chrome - Use After Free
Overview
Google Chrome < 146.0.7680.178 contains a use after free vulnerability in Navigation, letting remote attackers with compromised renderer process potentially perform sandbox escape via crafted HTML page.
Severity & Score
Impact
Remote attackers can escape sandbox, potentially gaining higher privileges and control over the system.
Mitigation
Update to version 146.0.7680.178 or later.
References
Social Media Activity(2 posts)
š“ CVE-2026-5289 - Critical (9.6) Use after free in Navigation in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) š https://www.thehackerwire.com/vulnerability/CVE-2026-5289/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original post
š“ CVE-2026-5289 - Critical (9.6) Use after free in Navigation in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) š https://www.thehackerwire.com/vulnerability/CVE-2026-5289/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-5289
- Severity
- Critical
- CVSS Score
- 9.6
- Type
- use_after_free
- Status
- confirmed
- EPSS
- 3.5%
- Social Posts
- 2
CWE
- CWE-416
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H