CVE-2026-7349 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2026-7349?

CVE-2026-7349 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2026-7349?

Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome, Apple Macos, Linux Linux Kernel, Microsoft Windows.

Vulnerability Description

Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: High)

CVSS Score

7.5

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Google	Chrome	< 147.0.7727.138
Apple	Macos	-
Linux	Linux Kernel	-
Microsoft	Windows	-

Related Weaknesses (CWE)

CWE-416

References

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_Vendor Advisory
https://issues.chromium.org/issues/500034684Permissions Required

FAQ

What is CVE-2026-7349?

CVE-2026-7349 is a vulnerability with a CVSS score of 7.5 (HIGH). Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium sec...

How severe is CVE-2026-7349?

CVE-2026-7349 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-7349?

Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome, Apple Macos, Linux Linux Kernel, Microsoft Windows.