About:
CVE-2026-2441 is a high-severity use-after-free vulnerability in the CSS component of Google Chrome caused by improper memory handling. A remote attacker can exploit this flaw by convincing a user to visit a specially crafted web page, leading to arbitrary code execution within the browser context. This vulnerability is actively exploited in the wild and poses significant risk to unpatched systems, particularly in enterprise environments where browser access is widespread.
RedLegg will occasionally communicate vulnerabilities released outside the usual release schedule to provide additional value to our customers. These emergency bulletins describe vulnerabilities or threats we classify as the highest severity level and warrant out-of-band emergency patching or mitigation action.
CVSS Score: 8.3 (High)
Identifier: CVE-2026-2441
Exploit or POC: CVE-2026-2441 is confirmed to be actively exploited in the wild.
Update:
Description:
Mitigation Recommendation: