Vulnerability in Google Chrome

CVE-2026-6307

Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

EPSS: 0.000 (13.1th percentile) — read the EPSS interpretation.

Affected products

Google Chrome — versions 147.0.7727.101

Weakness classification (CWE)

CWE-843 — Access of Resource Using Incompatible Type (Type Confusion)

References