CVE-2026-2441HIGH 8.8CISA KEVEPSS p97.4%

CVE-2026-2441Google Chromium CSS Use-After-Free Vulnerability

Google / Chromium

Description

Google Chromium CSS contains a use-after-free vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS22.02% probability of exploitation · percentile 97.4% · 2026-06-18T12:00:27Z
Published2026-02-13
Last modified2026-02-23

CISA KEV entry

Added to KEV: 2026-02-17

Underlying weaknesses· 1

CWE-416

References

  1. https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html
  2. https://issues.chromium.org/issues/483569511
  3. https://github.com/huseyinstif/CVE-2026-2441-PoC/blob/main/poc.html
  4. https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-2441

1

TypeTargetConfidenceTier
WeaknessUse After Freecwe-4160%live

(incoming)1

TypeTargetConfidenceTier
KEVEntryGoogle Chromium CSS Use-After-Free Vulnerabilitykev-cve-2026-24410%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Google Chromium Visuals Use-After-Free Vulnerability
CVE
CVE-2026-2313
CVE
Google Chromium Network Service Use-After-Free Vulnerability
CVE
Google Chromium V8 Use-After-Free Vulnerability
CVE
Google Chromium Blink Use-After-Free Vulnerability
CVE
Google Chromium WebGL Use-After-Free Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.