PT-2026-44698 · Google · Google Chrome

Published

2026-05-28

Updated

2026-05-30

CVE-2026-9990

CVSS v3.1

7.5

High

Vector

AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216

Description A use after free issue exists in WebAppInstalls on Mac. A remote attacker can potentially exploit heap corruption—a condition where memory allocation on the heap is corrupted—via a crafted HTML page if a user is convinced to perform specific UI gestures.

Recommendations Update to version 148.0.7778.216 or later.

Fix

DoS

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

CVE-2026-9990

ECHO-C4A2-4DB9-8BC1

OPENSUSE-SU-2026:10906-1

Affected Products

Google Chrome

PT-2026-44698 · Google · Google Chrome

CVE-2026-9990

Weakness Enumeration

Related Identifiers

Affected Products

References · 161