Vulnerability intelligence

CVE-2026-12437

Use after free in WebShare in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

CVSS Score

—

Unrated

EPSS — Exploit Probability

0.0%

Riskier than 0% of all CVEs

Exploitation

Not in CISA KEV

No federal exploitation record

Remediation

Patch available

Vendor fix published

NVD entry Vendor patch PoC / advisory

1 article across 1 outlet · first covered Jun 17, 2026 · latest Jun 17, 2026

Coverage timeline

Google fixes 33 Chrome bugs, including critical CVE-2026-12437
securityonline.info · Jun 17, 2026