Critical Chrome Proxy Bug Allows Sandbox Escape

The National Vulnerability Database has flagged a critical vulnerability, CVE-2026-6297, impacting Google Chrome versions prior to 147.0.7727.101. This use-after-free flaw, specifically within the browser’s proxy component, carries a CVSS score of 8.3 (HIGH) and is categorized under CWE-416.

According to the National Vulnerability Database, the flaw could allow an attacker in a privileged network position to escape the browser sandbox. The attack is delivered through a specially crafted HTML page, so user interaction, typically clicking a malicious link, is a prerequisite. The affected products are not detailed beyond ‘Google Chrome prior to 147.0.7727.101,’ but the severity rating assigned by Chromium security indicates a significant risk. A sandbox escape matters because the sandbox is the browser’s protective container: breaking out of it can let an attacker execute arbitrary code on the underlying system, so the exposure is not limited to data theft but extends to full system compromise.
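The practical question for a defender is which installed Chrome builds still fall under "prior to 147.0.7727.101". The following is an added example, not code from the original post or from Google or the NVD: it parses Chrome's four-component version strings and compares them numerically against the fixed version quoted above. The hostnames and version strings in the sample inventory are constructed for illustration. The point it demonstrates is that a plain string comparison gets this wrong ("147.0.7727.99" sorts after "147.0.7727.101" as text), so patch checks must compare each component as an integer.

```python
"""Added example (not part of the original post): decide whether a reported
Google Chrome version is still exposed to CVE-2026-6297, which the NVD entry
describes as affecting versions prior to 147.0.7727.101.
"""
import re
from typing import Dict, Tuple

# Fixed version taken from the NVD description quoted in the article.
FIXED_VERSION = "147.0.7727.101"

# Chrome versions are exactly four dot-separated integers: MAJOR.MINOR.BUILD.PATCH
_VERSION_RE = re.compile(r"^\d+(\.\d+){3}$")


def parse_version(version: str) -> Tuple[int, ...]:
    """Parse a Chrome version string into a tuple of ints.

    Raises ValueError for anything that is not four dot-separated integers,
    so malformed inventory data fails loudly instead of being silently
    treated as patched or as unpatched.
    """
    version = version.strip()
    if not _VERSION_RE.match(version):
        raise ValueError(f"not a Chrome version string: {version!r}")
    return tuple(int(part) for part in version.split("."))


def is_vulnerable(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True if `installed` is strictly older than the fixed release.

    Tuples of ints compare component by component, which is the correct
    ordering; comparing the raw strings would rank 99 above 101.
    """
    return parse_version(installed) < parse_version(fixed)


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Classify each host as 'vulnerable', 'patched' or 'unknown'.

    `inventory` maps hostname -> reported Chrome version. Hosts whose version
    data cannot be parsed are reported as 'unknown' rather than dropped,
    because a host you cannot assess is itself a finding.
    """
    result: Dict[str, str] = {}
    for host, version in inventory.items():
        try:
            result[host] = "vulnerable" if is_vulnerable(version) else "patched"
        except ValueError:
            result[host] = "unknown"
    return result


# Constructed sample inventory; hostnames and versions are made up for the example.
SAMPLE_INVENTORY = {
    "ws-001": "147.0.7727.99",   # lower patch number than the fix: vulnerable
    "ws-002": "147.0.7727.101",  # exactly the fixed version: patched
    "ws-003": "147.0.7727.150",  # later patch on the same build: patched
    "ws-004": "146.0.7620.88",   # earlier major release: vulnerable
    "ws-005": "148.0.7800.0",    # newer major release: patched
    "ws-006": "unknown",         # missing inventory data: cannot assess
}

if __name__ == "__main__":
    for host, state in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {SAMPLE_INVENTORY[host]} -> {state}")
```

Feed `triage()` the version strings your endpoint management tool reports (the Chrome binary's product version on Windows, or the output of `google-chrome --version` on Linux) and treat every 'vulnerable' and 'unknown' host as needing attention; the strict regex ensures that truncated or mis-collected version fields surface as 'unknown' instead of being mis-sorted.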

Related ATT&CK Techniques

Detection Rules

5 auto-generated detection rules for this incident, mapped to MITRE ATT&CK, available in Sigma, Splunk SPL, Sentinel KQL, Elastic Lucene, QRadar AQL, and Wazuh. Rule shown:

high · T1190 Initial Access · Web Application Exploitation Attempt — CVE-2026-6297


Indicators of Compromise

ID              Type              Indicator
CVE-2026-6297   Use After Free    Google Chrome < 147.0.7727.101
CVE-2026-6297   Sandbox Escape    Proxy component in Google Chrome
CVE-2026-6297   Code Injection    crafted HTML page
