Chrome Video Bug: Renderer Compromise Leads to High-Severity RCE
The National Vulnerability Database has disclosed a critical use-after-free vulnerability, CVE-2026-6359, impacting Google Chrome on Windows. This flaw, rated with a high severity CVSS score of 8.8, specifically affects versions prior to 147.0.7727.101. It’s a classic memory corruption issue, categorized under CWE-416, which is always a red flag for exploit developers.
According to the National Vulnerability Database, an attacker who successfully compromises the renderer process can leverage this vulnerability to achieve out-of-bounds memory access. This is done by tricking a user into visiting a specially crafted HTML page. The implications are severe; out-of-bounds memory access often paves the way for arbitrary code execution, allowing an attacker to run malicious code on the victim’s system with the privileges of the Chrome process. This kind of bug is a prime target for initial access and privilege escalation within browser sandboxes.
Related ATT&CK Techniques
🛡️ Detection Rules
4 rules · 6 SIEM formats4 auto-generated detection rules for this incident, mapped to MITRE ATT&CK. Available in Sigma, Splunk SPL, Sentinel KQL, Elastic Lucene, QRadar AQL, and Wazuh.
Web Application Exploitation Attempt — CVE-2026-6359
Want this in your SIEM's native format? Get Splunk SPL, Sentinel KQL, Elastic, QRadar AQL, or Wazuh — ready to paste.
4 Sigma rules mapped to the ATT&CK techniques from this breach — pick your SIEM and get a ready-to-paste query.
Get All SIEM Formats →Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-6359 | Use After Free | Google Chrome on Windows prior to version 147.0.7727.101 |
| CVE-2026-6359 | Memory Corruption | Out of bounds memory access in Video component |
| CVE-2026-6359 | Code Injection | Crafted HTML page leading to renderer process compromise |
Related Posts
Composer Command Injection: Malicious Repositories are a New Vector
CVE-2026-40261 — Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce::syncCodeBase()...
CVE-2026-40186 — Non-Default Configurations Where Option Or Textarea Are Incl Cross-Site Scripting (XSS)
CVE-2026-40186 — ApostropheCMS is an open-source Node.js content management system. A regression introduced in commit 49d0bb7, included in versions 2.17.1 of the ApostropheCMS-maintained sanitize-html package...
Critical Dgraph Flaw Leaks Admin Tokens, Bypassing Authentication
CVE-2026-40173 — Dgraph is an open source distributed GraphQL database. Versions 25.3.1 and prior contain an unauthenticated credential disclosure vulnerability where the /debug/pprof/cmdline endpoint is...