External risk intelligence

Chrome GPU Use-After-Free Sandbox Escape

CVE advisorySeverity: CRITICAL (CVSS 9.8)

CVE-2026-13775

The vulnerability affects a web browser, which is a client-side application designed to interact with and render content from the public internet. While it requires the user to visit a crafted web page, web browsers are fundamentally internet-facing applications commonly used to access external network resources.

Use After Free

Google Chrome

before 150.0.7871.47

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

External exposure likelihood

Horizon Alert

Summary of the vulnerability and why it matters

A vulnerability in Google Chrome's graphics processing could allow an attacker to escape security protections by tricking a user into visiting a malicious website. This type of issue, while technical, impacts the security of user interactions online.

  • Graphics flaw allows escaping browser safety.
  • Affects widely used web browsing technology.
  • Focus on confirming relevance and exposure.

Attack Path

How an attacker could exploit the issue

An attacker could target users by tricking them into visiting a malicious website. This website would contain specially crafted code that, when processed by the browser's graphics component, could lead to a security bypass, allowing the attacker to gain broader access to the user's system.

  • Requires a malicious webpage.
  • Exploits graphics processing vulnerability.
  • Risk of system compromise.

Live Threat

Current exploitation, exposure, and threat context

A use-after-free vulnerability in the GPU component of Google Chrome could allow a sandbox escape. This may occur when a user visits a specially crafted HTML page, potentially leading to a compromise of the renderer process.

  • Renderer process data.
  • Via a crafted HTML page.
  • Sandbox escape.

Operational Fix

Recommended remediation, mitigation, and detection steps

This vulnerability in Google Chrome's GPU component requires an attacker to first compromise the renderer process, then lure a user to a specially crafted HTML page. This could allow for a sandbox escape, posing a critical risk. Owners of internet-facing web services, application owners responsible for the content served through Chrome, and infrastructure teams supporting endpoint security should prioritize confirming the presence and reachability of affected Chrome installations.

  • Issue owner: Endpoint/Application owners.
  • Verify first: Identify Chrome installations.
  • Next action: Plan controlled updates.

Supplementary metadata

Validate whether this threat affects your internet-facing exposure.

Halo Threat Intelligence helps prioritize remediation with Halo Surface Signal and H/A/L/O context. Start exposure validation with a free external attack surface trial.

Frequently asked questions

What is Google Chrome in the context of this CVE?

Google Chrome is a widely used web browser that relies on a GPU component to render complex graphics and web content efficiently. The browser uses a sandbox architecture to isolate web page processing from your computer's main operating system, which is a security boundary designed to keep malicious web content from affecting your device.

What does use-after-free mean for CVE-2026-13775?

This vulnerability is a use-after-free, classified as CWE-416. It occurs when software continues to use a memory location after that memory has been freed or deleted. In this specific case within the GPU component, the memory corruption can be manipulated to bypass security boundaries, potentially allowing a malicious web page to escape the browser's sandbox and gain unauthorized access to the underlying system.

How does an attacker trigger this Chrome vulnerability?

An attacker must first compromise the browser's renderer process and then lure a user to a specially crafted HTML page. Simply having Chrome installed is not enough to trigger the bug. If a user does not visit the malicious website or interact with the specifically designed content, the vulnerability remains inactive because the attack requires the browser's graphics engine to process that specific, malicious code.

Why is this CVE considered relevant to my setup?

According to Halo Surface Signal, this vulnerability is significant because Google Chrome is an internet-facing application. Since browsers are designed to constantly fetch and render content from external networks, the risk is elevated for any user or system interacting with the public web, as the browser is the primary bridge between your local environment and untrusted online content.

What should I do if I am running Google Chrome?

The most effective way to address this issue is to update your software to version 150.0.7871.47 or later. Since this is a browser-based risk, you should prioritize verifying your current installation version and planning a controlled update across your devices. Ensuring your browser is up to date prevents the vulnerability from being exploited by ensuring the graphics component memory management is correctly patched.

References