CVE-2026-12011

Concisely: CVE-2026-12011 is a use-after-free in Chrome’s WebMIDI on Windows prior to 149.0.7827.115. This weakness could allow a renderer-compromised remote attacker to escape the sandbox via a crafted HTML page. The Chromium update (149.0.7827.114/115) fixes this issue; users should upgrade to ...

CVE-2026-11165

CVE-2026-11165 describes a use-after-free in WebMIDI for Google Chrome on iOS, prior to version 149.0.7827.53. The vulnerability could allow a remote attacker to potentially perform a sandbox escape via a crafted HTML page. The description also notes Chromium security severity as Medium and shows...

CVE-2026-10014

Use after free in WebMIDI in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2026-7350

Use after free in WebMIDI in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-7350

Use after free in WebMIDI in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Chromium: CVE-2026-3923 Use after free in WebMIDI

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...