CVE-2026-9902: Use after free in Accessibility

Q: What is the severity of CVE-2026-9902?

CVE-2026-9902 has a high severity rating of 8.3 based on the CVSS 3.1 score.

Q: How do I fix CVE-2026-9902?

To fix CVE-2026-9902, update Google Chrome to version 148.0.7778 or later.

Q: What type of vulnerability is CVE-2026-9902?

CVE-2026-9902 is classified as a 'Use After Free' vulnerability in Accessibility.

Q: Which products are affected by CVE-2026-9902?

CVE-2026-9902 affects Google Chrome and Microsoft Edge (Chromium-based) browsers.

Q: When was CVE-2026-9902 published?

CVE-2026-9902 was published on March 31, 2026.

Published Mar 31, 2026

Updated

Chromium: CVE-2026-9902 Use after free in Accessibility

Other sources

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

— Microsoft

Use after free in Accessibility in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

— NVD

Credit

Google

Affected Software

4 affected componentsFixes available

Google Chrome<148.0.7778.216

Microsoft Edge (Chromium-based)

Patch available

Microsoft Edge<148.0.3967.96

Google Chrome<148.0.7778.216

Event History

May 28, 2026

CVE Published

via MITRE·10:25 PM

Data Sourced

via MITRE·10:25 PM

DescriptionWeakness

Data Sourced

via NVD·11:16 PM

DescriptionSeverityWeaknessAffected Software

May 29, 2026

Data Sourced

via Microsoft·11:19 PM

DescriptionSeverityWeaknessAffected Software

Updated

via Microsoft·11:19 PM

DescriptionAffected Software

Jun 3, 2026

Data Sourced

12:00 AM

SeverityWeakness

Parent advisories

This vulnerability appears in the following advisories.

2263404209181841280

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is the severity of CVE-2026-9902?

CVE-2026-9902 has a high severity rating of 8.3 based on the CVSS 3.1 score.

How do I fix CVE-2026-9902?

To fix CVE-2026-9902, update Google Chrome to version 148.0.7778 or later.

What type of vulnerability is CVE-2026-9902?

CVE-2026-9902 is classified as a 'Use After Free' vulnerability in Accessibility.

Which products are affected by CVE-2026-9902?

CVE-2026-9902 affects Google Chrome and Microsoft Edge (Chromium-based) browsers.

When was CVE-2026-9902 published?

CVE-2026-9902 was published on March 31, 2026.

CVE-2026-9902: Use after free in Accessibility

Other sources

Credit

Affected Software

Event History

Parent advisories

Peer vulnerabilities

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2026-9902?

How do I fix CVE-2026-9902?

What type of vulnerability is CVE-2026-9902?

Which products are affected by CVE-2026-9902?

When was CVE-2026-9902 published?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2026-9902?

How do I fix CVE-2026-9902?

What type of vulnerability is CVE-2026-9902?

Which products are affected by CVE-2026-9902?

When was CVE-2026-9902 published?