CVE-2026-7343

Daily digests

A use-after-free bug in Chrome's Views component on Windows lets an attacker who already controls the renderer process break out of the sandbox. That's the escalation path from "running code in Chrome's jail" to "running code on the host." CVSS 9.8, not yet exploited in the wild, but sandbox escapes get weaponized fast.

• Daily Digest · Apr 29, 2026

  Chrome sandbox escape + 4 critical 9.8s