cbcvebase.
CVE-2026-8580
published 2026-05-14

CVE-2026-8580: Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page…

critical9.6CVSS 3.1
AVNACLPRNUIRSCCHIHAH
Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Affected

3 ranges
VendorProductVersion rangeFixed in
googlechrome< 148.0.7778.168148.0.7778.168
googlechrome>= 148.0.7778.168 < 148.0.7778.168148.0.7778.168
googlechrome_desktop