CVE-2026-9887: Use after free in Proxy in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted PAC script. (Chromium…

high8.8CVSS 3.1

AVNACLPRNUIRSUCHIHAH

Use after free in Proxy in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted PAC script. (Chromium security severity: Critical)

Affected

4 ranges

Vendor	Product	Version range	Fixed in
google	chrome	< 148.0.7778.216	148.0.7778.216
google	chrome	< 148.0.7778.215	148.0.7778.215
google	chrome	>= 148.0.7778.216 < 148.0.7778.216	148.0.7778.216
google	chrome_desktop	—	—