{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-7337", "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "state": "PUBLISHED", "assignerShortName": "Chrome", "dateReserved": "2026-04-28T20:02:34.388Z", "datePublished": "2026-04-28T22:36:05.040Z", "dateUpdated": "2026-04-28T22:36:05.040Z"}, "containers": {"cna": {"affected": [{"vendor": "Google", "product": "Chrome", "versions": [{"version": "147.0.7727.138", "status": "affected", "lessThan": "147.0.7727.138", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Type Confusion in V8 in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Type Confusion", "cweId": "CWE-843"}]}], "providerMetadata": {"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome", "dateUpdated": "2026-04-28T22:36:05.040Z"}, "references": [{"url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_28.html"}, {"url": "https://issues.chromium.org/issues/500880819"}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Type Confusion in V8 in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)"}], "id": "CVE-2026-7337", "lastModified": "2026-04-28T23:16:21.267", "metrics": {}, "published": "2026-04-28T23:16:21.267", "references": [{"source": "chrome-cve-admin@google.com", "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_28.html"}, {"source": "chrome-cve-admin@google.com", "url": "https://issues.chromium.org/issues/500880819"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-843"}], "source": "chrome-cve-admin@google.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[147.0.7727.138,147.0.7727.138)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Chrome", "source": "cna", "vendor": "Google"}, "product": "chrome", "vendor": "google"}], "analysis": {"en": {"generated_at": "2026-04-29T02:35:40.037370+00:00", "value": {"mitigation_remediation": ["Update Google Chrome to version 147.0.7727.138 or later.", "If a manual update is required, download the latest stable release from the official Google Chrome website.", "Configure the browser to automatically apply updates to receive future security fixes without user intervention."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution inside Chrome sandbox"}, "threat_synthesis": {"affected_systems": "All Google Chrome desktop builds\u2014Windows, macOS, and Linux\u2014prior to version 147.0.7727.138 are affected. The issue does not reference mobile, server\u2011side, or enterprise editions, so the focus is on standard desktop installations.", "description_and_impact": "The flaw is a type confusion bug in the V8 JavaScript engine that allows a remote attacker to run arbitrary code inside the Chrome sandbox through a crafted HTML page. The vulnerability is classified as CWE\u2011843, indicating improper type handling that leads to unintended type conversion. The potential impact is the execution of code confined to the sandboxed environment of the browser, which can be a foothold for further attacks but does not directly grant native privileges.", "risk_and_exploitability": "The attack vector is remote and only requires the victim to load a malicious HTML page, making it easily reachable from any network. EPSS information is not available, and the vulnerability is not listed in the CISA KEV catalog, indicating no current widespread exploitation. The flaw bypasses the sandbox to execute code inside the browser process; while it does not explicitly claim elevation to native privileges, the ability to run arbitrary code within the sandbox can facilitate privilege escalation within the browser or enable lateral movement to other processes."}}}}, "created": "2026-04-29T02:00:26.282394+00:00", "title": "Type Confusion in V8 Enables Remote Code Execution inside Chrome Sandbox", "updated": "2026-04-29T02:45:35.946733+00:00", "vendors": ["google", "google$PRODUCT$chrome"]}