vulnerability context

CVE-2026-9988

CVSS 8.3 HIGHEPSS 21%CWE-416

Use after free in WebRTC in Google Chrome on Linux prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Published 2026-05-28 · last modified 2026-05-29

details

CISA KEV status: Not in catalog
CVSS v3: 8.3 / HIGH
CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS: 21% percentile (score 0.0007)
CWE: CWE-416

View on NVD → · cve.org

source mentions 2

[TheHackerWire] 🟠 CVE-2026-9988 - High (8.3) Use after free in WebRTC in Google Chrome on Linux prior to 148.0.7778.216 allowe...Bluesky · 10d ago
[CVE Alerts ] CVE-2026-9988 - Google Chrome WebRTC Use-After-Free Sandbox Escape CVE ID : CVE-2026-9988 Published : May 28, 202...Bluesky · 12d ago

source consensus

Bluesky2×

Want the 3-bullet summary of CVE-2026-9988, plus webhook alerts when KEV is updated? Pro is $10/mo.

Open in reader See Pro →