{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-6359/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.8,"id":"CVE-2026-6359"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Google Chrome"],"_cs_severities":["high"],"_cs_tags":["cve-2026-6359","chrome","use-after-free","windows"],"_cs_type":"advisory","_cs_vendors":["Google"],"content_html":"\u003cp\u003eCVE-2026-6359 is a high-severity vulnerability affecting Google Chrome on Windows. Specifically, a use-after-free flaw exists in the Video component of Chrome versions prior to 147.0.7727.101. The vulnerability can be exploited by a remote attacker who has already achieved compromise of the renderer process. By crafting a malicious HTML page, the attacker can trigger the use-after-free condition, leading to out-of-bounds memory access. This could potentially allow the attacker to execute arbitrary code or cause a denial-of-service condition. The Chromium security team has rated this vulnerability as \u0026quot;High\u0026quot; severity. This vulnerability was patched in the stable channel update released on April 15, 2026.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker crafts a malicious HTML page designed to trigger the use-after-free vulnerability in Chrome's video processing component.\u003c/li\u003e\n\u003cli\u003eThe attacker compromises the renderer process, potentially through a separate vulnerability or social engineering.\u003c/li\u003e\n\u003cli\u003eThe compromised renderer process navigates to the malicious HTML page.\u003c/li\u003e\n\u003cli\u003eThe HTML page attempts to access a video object that has already been freed from memory.\u003c/li\u003e\n\u003cli\u003eThe use-after-free condition triggers, leading to memory corruption.\u003c/li\u003e\n\u003cli\u003eThe attacker leverages the memory corruption to gain out-of-bounds memory access.\u003c/li\u003e\n\u003cli\u003eThe attacker can potentially use this out-of-bounds access to execute arbitrary code within the context of the renderer process.\u003c/li\u003e\n\u003cli\u003eThe attacker pivots from the renderer process to further compromise the system, potentially exfiltrating data or installing malware.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-6359 allows a remote attacker to perform out-of-bounds memory access. While the initial vulnerability requires a compromised renderer process, successful exploitation could lead to arbitrary code execution, data exfiltration, or denial of service. The impact is significant for organizations relying on Chrome for Windows, potentially affecting all users who have not updated to version 147.0.7727.101 or later. The scope of impact depends on the attacker's objectives after gaining code execution, and could range from stealing credentials to deploying ransomware.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Google Chrome on Windows to version 147.0.7727.101 or later to patch CVE-2026-6359.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect Chrome Use-After-Free via HTML\u003c/code\u003e to your SIEM to detect potential exploitation attempts.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for suspicious activity originating from Chrome processes using network connection logs, potentially indicating post-exploitation behavior.\u003c/li\u003e\n\u003cli\u003eEnable process creation logging via Sysmon to capture details of spawned processes from Chrome, assisting in identifying potential exploit payloads.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-01-03T12:00:00Z","date_published":"2024-01-03T12:00:00Z","id":"https://feed.craftedsignal.io/briefs/2024-01-chrome-use-after-free/","summary":"CVE-2026-6359 is a use-after-free vulnerability in the Video component of Google Chrome on Windows prior to version 147.0.7727.101, allowing a remote attacker who has compromised the renderer process to achieve out-of-bounds memory access via a crafted HTML page.","title":"Google Chrome Use-After-Free Vulnerability in Video Component (CVE-2026-6359)","url":"https://feed.craftedsignal.io/briefs/2024-01-chrome-use-after-free/"}],"language":"en","title":"CraftedSignal Threat Feed - Cve-2026-6359","version":"https://jsonfeed.org/version/1.1"}