Agents
Google Chrome CVE-2026-9111: Use-After-Free in Linux Chrome Enables Arbitrary Code Execution via Crafted HTML Pages
Published May 20, CVE-2026-9111 is a use-after-free vulnerability affecting Google Chrome on Linux prior to version 148.0.7778.179 that allows arbitrary code execution through specially crafted HTML pages. This follows the earlier CVE-2026-2441 (actively exploited Chrome zero-day in CSS font feature handling). Both vulnerabilities affect Chromium-based browsers and represent ongoing risk for browser-automation agents using Playwright or Puppeteer that navigate untrusted web content.
↳ Follow the thread