High severity7.5NVD Advisory· Published Apr 28, 2026· Updated Apr 30, 2026
CVE-2026-7338
CVE-2026-7338
Description
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High)
Affected products
5- osv-coords3 versionspkg:apk/chainguard/chromiumpkg:apk/wolfi/chromiumpkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed
< 148.0.7778.96-r0+ 2 more
- (no CPE)range: < 148.0.7778.96-r0
- (no CPE)range: < 148.0.7778.96-r0
- (no CPE)range: < 148.0.7778.96-1.1
Patches
Vulnerability mechanics
References
2- chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_28.htmlnvdVendor Advisory
- issues.chromium.org/issues/502449857nvdPermissions Required
News mentions
0No linked articles in our index yet.