CVE-2026-7338 PUBLISHED

Assigner: Chrome
Reserved: 28.04.2026 Published: 28.04.2026 Updated: 28.04.2026

Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High)

Product Status

Vendor	Google
Product	Chrome
Versions	affected from 147.0.7727.138 to 147.0.7727.138 (excl.)

References

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_28.html
https://issues.chromium.org/issues/502449857

Problem Types

Use after free