CVE-2026-7359
published 2026-04-28CVE-2026-7359: Use after free in ANGLE in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a…
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
Use after free in ANGLE in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chrome | < 147.0.7727.138 | 147.0.7727.138 | |
| chrome | >= 147.0.7727.138 < 147.0.7727.138 | 147.0.7727.138 | |
| chrome_desktop | — | — | |
| paloalto | prisma_browser | — | — |
Palo Alto
PAN-SA-2026-0007 Chromium and Prisma Browser: Monthly Vulnerability Update (May 2026)
vendor_paloalto·2026-05-13·CVSS 8.8
CVE-2026-4439 [HIGH] PAN-SA-2026-0007 Chromium and Prisma Browser: Monthly Vulnerability Update (May 2026)
PAN-SA-2026-0007 Chromium and Prisma Browser: Monthly Vulnerability Update (May 2026)
Palo Alto Networks incorporated the following Chromium security fixes into our products: https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_28.html https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_22.html https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html CVE Summary CVE-2026-4439 Out of bounds memory access in WebGL CVE-2026-4440 Out of bounds read and write in WebGL CVE-2026-4441 Use after free in Base CVE-2026-4442 Heap buffer overflow in
Red Hat
chromium-browser: Use after free in ANGLE
vendor_redhat·2026-04-28·CVSS 9.0
CVE-2026-7359 [HIGH] CWE-825 chromium-browser: Use after free in ANGLE
chromium-browser: Use after free in ANGLE
An use after free flaw was found in the ANGLE component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=496284494
Statement: Red Hat Product Security rates the severity of this flaw as determined by the Google Chrome Security Advisory.
Chrome
Stable Channel Update for Desktop: CVE-2026-7359
vendor_chrome·2026-04-28
CVE-2026-7359 [HIGH] Stable Channel Update for Desktop: CVE-2026-7359
Stable Channel Update for Desktop
CVE-2026-7359: Use after free in ANGLE. Reported by Google on 2026-03-25 [TBD][ 496285281 ] High CVE-2026-7358: Use after free in Animation
Reported by Google on 2026-03-25 [TBD][ 496456528 ] High CVE-2026-7334: Use after free in Views
Severity: high
GHSA
GHSA-2356-622p-vmc7: Use after free in ANGLE in Google Chrome prior to 147
ghsa_unreviewed·2026-04-29
CVE-2026-7359 [HIGH] CWE-416 GHSA-2356-622p-vmc7: Use after free in ANGLE in Google Chrome prior to 147
Use after free in ANGLE in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
No detection rules found.
No public exploits indexed.
2026-04-28
Published