CVE-2026-11072 PUBLISHED

Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. (Chromium security severity: Medium)

• https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop.html
• https://issues.chromium.org/issues/499238195

• Use after free