Use-after-Free in Chrome IndexedDB (before 150.0.7871.115)
CVE-2026-15107 Published on July 8, 2026

Use after free in IndexedDB in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

NVD

Weakness Type

What is a Dangling pointer Vulnerability?

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

CVE-2026-15107 has been classified to as a Dangling pointer vulnerability or weakness.


Products Associated with CVE-2026-15107

Want to know whenever a new CVE is published for Google Chrome? stack.watch will email you.

 

Affected Versions

Google Chrome: