CVE-2026-7352 — Use After Free in Google Chrome

Vendor	Product	Version range	Fixed in
google	chrome	< 147.0.7727.138	147.0.7727.138
google	chrome	>= 147.0.7727.138 < 147.0.7727.138	147.0.7727.138
google	chrome_desktop	—	—

VulDB

Google Chrome up to 147.0.7727.117 on Android Media use after free (ID 499023 / Nessus ID 310949)

vuldb·2026-04-30

CVE-2026-7352 [CRITICAL] Google Chrome up to 147.0.7727.117 on Android Media use after free (ID 499023 / Nessus ID 310949) A vulnerability was found in Google Chrome on Android. It has been rated as critical. The impacted element is an unknown function of the component Media. The manipulation leads to use after free. This vulnerability is traded as CVE-2026-7352. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is advised.

GHSA

GHSA-m6x4-hgg4-qq65: Use after free in Media in Google Chrome on Android prior to 147

ghsa_unreviewed·2026-04-29

CVE-2026-7352 [HIGH] CWE-416 GHSA-m6x4-hgg4-qq65: Use after free in Media in Google Chrome on Android prior to 147 Use after free in Media in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Chrome

Stable Channel Update for Desktop: CVE-2026-7353

vendor_chrome·2026-04-28

CVE-2026-7353 [HIGH] Stable Channel Update for Desktop: CVE-2026-7353 Stable Channel Update for Desktop CVE-2026-7353: Heap buffer overflow in Skia. Reported by Google on 2026-04-01 [TBD][ 499023054 ] High CVE-2026-7352: Use after free in Media Reported by Google on 2026-04-02 [TBD][ 499119490 ] High CVE-2026-7351: Race in MHTML Severity: high

Red Hat

chromium-browser: Use after free in Media

vendor_redhat·2026-04-28·CVSS 9.0

CVE-2026-7352 [HIGH] CWE-825 chromium-browser: Use after free in Media chromium-browser: Use after free in Media An use after free flaw was found in the Media component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=499023054 Statement: Red Hat Product Security rates the severity of this flaw as determined by the Google Chrome Security Advisory.

CVE-2026-7352: Use after free in Media in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially…

Affected