<0.1% probability · 19.4th percentile — 2026-05-11
Affected versions
Google Chrome prior to 148.0.7778.96
Summary
A critical use-after-free flaw exists in the Fullscreen component of Google Chrome before version 148.0.7778.96. A remote attacker can trick a user into opening a crafted HTML page to exploit this issue, potentially achieving a full sandbox escape and arbitrary code execution. Google Chrome is one of the most widely used web browsers globally, making this a high impact flaw for most organizations.
Remediation
Update Google Chrome to version 148.0.7778.96 or newer immediately. Enable automatic browser updates across all organization endpoints. Block access to untrusted web content until all systems are patched.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.