CVE Catalog
CVE-2026-11628
MediumCVSS 6.8Exploitation Probability (EPSS)
Low risk0.01%
1th percentile - higher than 1% of all known CVEs
Summary
Use after free in Ozone in Google Chrome prior to version 149.0.7827.103 allows a local attacker to potentially exploit heap corruption via physical access to the device.
Risk Assessment
An attacker with physical access to the device may exploit this vulnerability to gain control over the system, posing a serious security threat to the organization.
Recommendation
It is recommended to update Google Chrome to the latest version to mitigate this vulnerability and reduce risk.
Original NVD description (English source)
Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a local attacker to potentially exploit heap corruption via physical access to the device. (Chromium security severity: Critical)

