CVE-2026-13784 in Chrome

Summary

by MITRE • 07/01/2026

Use after free in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Analysis

by VulDB Data Team • 07/01/2026

This vulnerability represents a critical use-after-free condition in the Views component of Google Chrome browsers version 150.0.7871.46 and earlier, classified under CWE-416 as improper deallocation followed by use of freed memory. The flaw exists within the browser's user interface rendering system where memory allocated for UI elements is prematurely freed while still being referenced by active code paths. Attackers could exploit this by crafting malicious HTML content that triggers specific user interface interactions, such as rapid mouse movements or clicks on particular UI components. When the browser processes these crafted gestures, it attempts to access memory that has already been deallocated, leading to heap corruption that can be leveraged for arbitrary code execution.

The technical implementation of this vulnerability occurs in Chrome's rendering pipeline where Views objects manage the graphical user interface elements including windows, controls, and dialog boxes. During normal operation, these objects maintain references to underlying memory structures that are managed through reference counting or garbage collection mechanisms. However, when specific UI gesture sequences are triggered through malicious web content, the object lifecycle management fails to properly track when objects should remain valid versus when they can be safely deallocated. This creates a race condition where freed memory locations become accessible again before proper cleanup occurs, allowing attackers to manipulate the heap state.

The operational impact of this vulnerability is severe as it enables remote code execution without requiring user interaction beyond visiting a malicious website or engaging with crafted HTML content. Attackers can leverage this to execute arbitrary commands on affected systems with the privileges of the Chrome browser process. The exploit requires only that a user navigate to a specially crafted webpage and perform specific UI gestures, making it particularly dangerous in phishing campaigns or drive-by download scenarios. The vulnerability's classification as Critical by the Chromium security team indicates its high potential for exploitation and the significant risk it poses to user systems.

Mitigation strategies include immediate browser updates to version 150.0.7871.47 or later, where the use-after-free has been patched through proper memory management controls and additional validation checks in the Views component. Users should also employ additional security measures such as enabling sandboxing features, using content filtering solutions, and maintaining updated antivirus definitions. Organizations should consider implementing web application firewalls to block suspicious HTML content and monitor for indicators of compromise related to this vulnerability class. From a defense perspective, this vulnerability aligns with ATT&CK techniques T1059.007 (Command and Scripting Interpreter: JavaScript) and T1203 (Exploitation for Client Execution), making it particularly relevant for incident response teams monitoring for potential exploitation attempts.
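To act on the update guidance above, the following added example (not part of the original entry or of any vendor tooling) triages a software inventory against the fixed build 150.0.7871.47. The `host,version` input format, the host names, and the sample versions other than the two builds named on this page are constructed assumptions.

```python
import re

FIXED = (150, 0, 7871, 47)  # first patched build, taken from the advisory text
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)$")


def parse_version(text):
    """Return a 4-int tuple for a Chrome version string, or None if malformed."""
    m = _VERSION_RE.match(text.strip())
    return tuple(int(p) for p in m.groups()) if m else None


def classify(version_text):
    """'vulnerable' below the fixed build, 'patched' at or above it, else 'unknown'."""
    v = parse_version(version_text)
    if v is None:
        return "unknown"  # do not guess: route to manual review
    # Tuple comparison is numeric per component, so .100 sorts above .47
    # (a plain string comparison would get that wrong).
    return "vulnerable" if v < FIXED else "patched"


def triage(inventory_lines):
    """Map host -> status from 'host,version' lines (assumed export format)."""
    result = {}
    for line in inventory_lines:
        if not line.strip():
            continue
        host, _, version = line.partition(",")
        result[host.strip()] = classify(version)
    return result


# Constructed sample inventory (hypothetical hosts, not real data).
SAMPLE = [
    "ws-001,150.0.7871.46",
    "ws-002,150.0.7871.47",
    "ws-003,149.0.7800.120",
    "ws-004,151.0.7900.3",
    "ws-005,150.0.7871",       # truncated version string
    "ws-006,150.0.7871.100",
]

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE).items()):
        print(f"{host}\t{status}")
```

Hosts reported as `unknown` have a version string that could not be parsed and should be checked by hand rather than assumed patched.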

Responsible: Chrome
Reservation: 06/30/2026
Disclosure: 07/01/2026
Moderation: accepted
CPE: ready
EPSS: 0.00000
KEV: no
Activities: very low
