CVE 8.8 HIGH

CVE-2026-10888_CVE-2026-10888

June 4, 2026 invoker category_cve

8.8 / 10

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Use after free in Cast Streaming in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)

AI Analysis

Use after free vulnerability in Google Chrome's Cast Streaming feature, allowing an attacker to execute arbitrary code via malicious network traffic

Basic Information

ID CVE-2026-10888

Source Chrome

Published Jun 4, 2026 at 23:03

Modified Jun 5, 2026 at 01:39

Affected Product

Vendor Google

Product Chrome

Version 149.0.7827.53

Affected Versions Google Chrome 149.0.7827.53

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Google

Product Google Chrome

Version 149.0.7827.53

References

{
    "lastseen": "",
    "description": "Use after free in Cast Streaming in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)",
    "published": "2026-06-04T23:03:24.907Z",
    "modified": "2026-06-05T01:39:35.317Z",
    "type": "cve",
    "title": "CVE-2026-10888",
    "source": "Chrome",
    "references": "https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop.html\nhttps://issues.chromium.org/issues/505815080",
    "id": "CVE-2026-10888",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Google Chrome 149.0.7827.53",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Chrome",
    "version": "149.0.7827.53",
    "vendor": "Google",
    "ai_description": "Use after free vulnerability in Google Chrome's Cast Streaming feature, allowing an attacker to execute arbitrary code via malicious network traffic",
    "ai_severity": "High",
    "ai_vendor": "Google",
    "ai_product": "Google Chrome",
    "ai_version": "149.0.7827.53",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply