CVE-2026-13792
CriticalCVSS 9.6Exploitation Probability (EPSS)
Low risk20th percentile — higher than 20% of all known CVEs
Summary
A use-after-free vulnerability in the Touchbar component of Google Chrome on Mac prior to version 150.0.7871.47 was discovered. A remote attacker could exploit a crafted HTML page to potentially achieve a sandbox escape.
Risk Assessment
The risk for the organization is the potential compromise of the browser process and bypass of sandbox isolation, which could lead to further privilege escalation on the system.
Recommendation
Immediately update Google Chrome on all Mac computers to version 150.0.7871.47 or later.
Original NVD description (English source)
Use after free in Touchbar in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

