CVE-2026-6309: Use after free in Viz in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a…

CVE-2026-6309 [HIGH] Google Chrome up to 147.0.7727.55 Viz use after free (ID 497846) A vulnerability classified as critical has been found in Google Chrome. This affects an unknown function of the component Viz. Performing a manipulation results in use after free. This vulnerability was named CVE-2026-6309. The attack may be initiated remotely. There is no available exploit. It is recommended to upgrade the affected component.

CVE-2026-6309 [HIGH] CWE-416 GHSA-vm22-5c7q-8w8h: Use after free in Viz in Google Chrome prior to 147 Use after free in Viz in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

CVE-2026-5289 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2026-5289 Long Term Support Channel Update for ChromeOS CVE-2026-5289: Use after free in Navigation. 497846428 High CVE-2026-6309: Use after free in Viz Severity: high

CVE-2026-6309 [HIGH] Stable Channel Update for Desktop: CVE-2026-6309 Stable Channel Update for Desktop CVE-2026-6309: Use after free in Viz. Reported by Google on 2026-03-30 [TBD][ 497880137 ] High CVE-2026-6360: Use after free in FileSystem Reported by asjidkalam on 2026-03-31 [N/A][ 497969820 ] High CVE-2026-6310: Use after free in Dawn Severity: high

CVE-2026-6309 [HIGH] CWE-825 chromium-browser: Use after free in Viz chromium-browser: Use after free in Viz An use after free flaw was found in the Viz component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=497846428 Statement: Red Hat Product Security rates the severity of this flaw as determined by the Google Chrome Security Advisory.

CVE-2026-6299 [HIGH] CVE-2026-6299 CVE-2026-6303 CVE-2026-6304 CVE-2026-6308 CVE-2026-6309 CVE-2026-6310 CVE-2026-6311 CVE-2026-6312 CVE-2026-6313 CVE-2026-6314 CVE-2026-6315 CVE-2026-6316 CVE-2026-6317 CVE-2026-6361 CVE- CVE-2026-6299 CVE-2026-6303 CVE-2026-6304 CVE-2026-6308 CVE-2026-6309 CVE-2026-6310 CVE-2026-6311 CVE-2026-6312 CVE-2026-6313 CVE-2026-6314 CVE-2026-6315 CVE-2026-6316 CVE-2026-6317 CVE-2026-6361 CVE-2026-6363 ... chromium: various flaws [fedora-all] Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.

CVE-2026-6299 [HIGH] CVE-2026-6299 CVE-2026-6303 CVE-2026-6304 CVE-2026-6308 CVE-2026-6309 CVE-2026-6310 CVE-2026-6311 CVE-2026-6312 CVE-2026-6313 CVE-2026-6314 CVE-2026-6315 CVE-2026-6316 CVE-2026-6317 CVE-2026-6361 CVE- CVE-2026-6299 CVE-2026-6303 CVE-2026-6304 CVE-2026-6308 CVE-2026-6309 CVE-2026-6310 CVE-2026-6311 CVE-2026-6312 CVE-2026-6313 CVE-2026-6314 CVE-2026-6315 CVE-2026-6316 CVE-2026-6317 CVE-2026-6361 CVE-2026-6363 ... chromium: various flaws [epel-all] Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.

CVE-2026-6309 [HIGH] CVE-2026-6309 Google Chrome: Viz: Google Chrome: Sandbox escape in Viz component via use-after-free vulnerability CVE-2026-6309 Google Chrome: Viz: Google Chrome: Sandbox escape in Viz component via use-after-free vulnerability Use after free in Viz in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)