CVE-2026-9958

Google · Chrome

A use-after-free vulnerability in the PDFium library of Google Chrome may lead to memory corruption or potential code execution.

Executive summary

A critical use-after-free vulnerability in Google Chrome’s PDFium library exposes users to potential arbitrary code execution via malicious PDF documents.

Vulnerability

This is a use-after-free vulnerability located within the PDFium component of Google Chrome. An attacker could exploit this by convincing a user to open a specially crafted PDF file, triggering improper memory handling.

Business impact

With a CVSS score of 8.8, this vulnerability represents a significant threat to endpoint security. Exploitation could allow an attacker to execute arbitrary code with the privileges of the browser process, leading to data exfiltration or the compromise of local system integrity.

Remediation

Immediate Action: Deploy the latest Google Chrome updates across all systems to address the vulnerability within the PDFium library.

Proactive Monitoring: Monitor for unusual PDF rendering errors or abnormal system resource consumption by the browser process.

Compensating Controls: Utilize endpoint detection and response (EDR) solutions to identify and block suspicious child processes spawned by browser-related applications.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Organizations should prioritize patching browser software to prevent exploitation of PDF-based attack vectors. Immediate updates are required to neutralize the threat posed by this memory corruption vulnerability.