CVE Catalog
CVE-2026-13788
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk0.38%
30th percentile — higher than 30% of all known CVEs
Summary
Use-After-Free vulnerability in Fullscreen mode in Google Chrome on Android prior to 150.0.7871.47 allows a remote attacker to execute arbitrary code via a crafted HTML page. Chromium severity: Critical.
Risk Assessment
An attacker can take control of the Android device, steal data, or install malware without user interaction.
Recommendation
Immediately update Google Chrome on Android to version 150.0.7871.47 or later. Notify users about the required update.
Original NVD description (English source)
Use after free in Fullscreen in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

