Skip to content
Security Alerts

CVE-2026-7333: Use-after-free in Google Chrome GPU component

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page (Chromium severity: High).

Marcin Godula Marcin Godula

Summary

ParameterValue
CVE IDCVE-2026-7333
Alert SourceGitHub Advisory - Critical Vulnerability
CVE Publication Year2026
Date Published2026-04-29
VendorGoogle
ProductChrome
CVSS Score9.6 (critical)
EPSS Score0.0% (percentile: 10%)
CISA KEVNo
RansomwareNot confirmed

Vulnerability Description

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Required Actions

Update Google Chrome to version 147.0.7727.138 or newer on all workstations immediately. In enterprise environments, force a browser restart so the update takes effect. Consider enabling Chrome Browser Cloud Management auto-update policies and inform users they need to close all browser tabs.

Who Is Affected?

This vulnerability affects Chrome by Google. Check whether your organization uses Google Chrome (and Chromium-based browsers) and roll out the update to version 147.0.7727.138 or newer.

Sources

Need help securing your systems? nFlo team offers vulnerability management and 24/7 SOC services. Contact us.

Learn More

Tags:

cve-2026-7333 critical google chrome vulnerability

Share:

Talk to an expert

Have questions about this topic? Get in touch with our specialist.

Sales Representative
Grzegorz Gnych

Grzegorz Gnych

Sales Representative

+48 664 003 003grzegorz.gnych@nflo.pl
Response within 24 hours
Free consultation
Individual approach

Providing your phone number will speed up contact.

Want to Reduce IT Risk and Costs?

Book a free consultation - we respond within 24h

Response in 24h Free quote No obligations
Book a Call +48 22 487 86 36

Or download free guide:

Download NIS2 Checklist