CVE-2026-10951
HighCVSS 8.8Summary
A use after free vulnerability in Autofill in Google Chrome on iOS prior to version 149.0.7827.53 can be exploited by a remote attacker. The attacker can convince a user to perform specific UI gestures, potentially leading to heap corruption via a crafted HTML page.
Risk Assessment
This vulnerability poses a risk to users who may be targeted by remote attacks, potentially leading to system compromise. The high severity level indicates serious implications for data security.
Recommendation
It is recommended to update Google Chrome on iOS to the latest version to mitigate this vulnerability. Users should also avoid interacting with suspicious websites.
Original NVD description (English source)
Use after free in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

