Skip to main content
Live Webinar with SANS (June 25)— Agentic CTI Automation for Fun & ProfitRegister Free
Mallory
Back to vulnerabilities
High

Sandbox escape use-after-free in Chrome Dawn WebGPU

IdentifiersCVE-2026-6310CWE-416· Use After Free

CVE-2026-6310 is a high-severity use-after-free vulnerability in Dawn, Chromium’s WebGPU implementation, affecting Google Chrome prior to 147.0.7727.101. The flaw is caused by improper lifetime management of GPU-related resources in Dawn, where freed objects can remain reachable through stale references, creating a dangling pointer condition. According to the provided content, an attacker who has already compromised the renderer process can trigger the bug via a crafted HTML page that issues crafted WebGPU commands, potentially causing memory corruption and hijacking execution flow across the renderer-to-GPU-process security boundary. Google tracked the issue under restricted Chromium issue 497969820 and patched it in Chrome 147.0.7727.101/.102 depending on platform.

Share:
For your environment

Are you exposed to this one?

Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.

Start free trial
ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation can allow a remote attacker, starting from an already compromised renderer process, to escape Chrome’s sandbox by gaining code execution or equivalent control in the less-restricted GPU process. Because this crosses a core Chrome security boundary, the vulnerability can have high confidentiality, integrity, and availability impact, including further browser compromise and follow-on exploitation from a more privileged process context.

Mitigation

If you can’t patch tonight, do this now.

If immediate patching is not possible, a temporary workaround noted in the provided content is to disable hardware acceleration via chrome://settings/system, which removes the Dawn-specific attack vector. This is only a mitigation and may reduce graphics performance. Standard browser hardening also applies, but the primary mitigation is prompt patching.

Remediation

Patch, then assume compromise.

Upgrade Google Chrome to a fixed version. The provided content states that Chrome 147.0.7727.101 is fixed on Linux, and Chrome 147.0.7727.101/.102 is fixed on Windows and macOS. Downstream Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi should also be updated once they incorporate the upstream Chromium fix.
PUBLIC EXPLOITS

Exploits

No public exploits tracked yet. Mallory keeps watching.

VALID 0 / 0 TOTALView more in app

No public exploit code observed for this vulnerability.

EXPOSURE SURFACE

Affected products & vendors

Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.

VendorProductType
GoogleChromeapplication

Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.

ACTIVITY FEED

Recent activity

9 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

9 SOURCESView more in app
cvefeed high severityNews
Apr 15, 2026
CVE-2026-6310 - Google Chrome Use After Free Sandbox Escape

A use-after-free vulnerability in Dawn in Google Chrome that could allow a remote attacker, after compromising the renderer process, to potentially escape the sandbox via a crafted HTML page.

Read more
chrome releases blogNews
Apr 15, 2026
Chrome Releases: Stable Channel Update for Desktop

A high-severity use-after-free vulnerability in Dawn in Google Chrome.

Read more
zeropath blogNews
Apr 15, 2026
Google Chrome Dawn WebGPU Use After Free: Brief Summary of CVE-2026-6310 and Its Sandbox Escape Potential - ZeroPath Blog | ZeroPath

A use-after-free vulnerability in Chrome's Dawn WebGPU engine that can enable a sandbox escape from a compromised renderer process into the less-restricted GPU process.

Read more
zeropath blogNews
Apr 15, 2026
Quick Look: CVE-2026-6309, Use After Free in Google Chrome Viz Enables Sandbox Escape - ZeroPath Blog | ZeroPath

A high-severity use-after-free vulnerability in Chrome's Dawn component, listed among related vulnerabilities fixed in the same release.

Read more
What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: which of your assets are affected, which adversaries are exploiting it right now, which detections to deploy, and what to do tonight.
Start free trial
Exposure mapping

Query your assets running an affected version, and investigate the blast radius.

Threat actor evidence

Every observed campaign linking this CVE to a named adversary.

Associated malware

Malware families riding this exploit, with evidence and IOCs.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Vendor-by-vendor mapping

Cross-references every affected SKU, including bundled OEM variants.

Social activity4

Community discussion across Reddit, Mastodon, and other social sources.

EXTERNAL REFERENCES
MITRE CVE
cve.org · CVE-2026-6310
NVD
nvd.nist.gov/vuln/detail/CVE-2026-6310
MITRE CWE · CWE-416
Use After Free
Vendor Advisory
chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
Permissions Required
issues.chromium.org/issues/497969820