CVE-2026-13035

Description

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code via a malicious peripheral. (Chromium security severity: High)

PUBLISHED Reserved 2026-06-23 | Published 2026-06-24 | Updated 2026-06-24 | Assigner Chrome

Problem types

Use after free

Product status

References

chromereleases.googleblog.com/...for-desktop_0482630350.html

issues.chromium.org/issues/523704570

cve.org (CVE-2026-13035)

nvd.nist.gov (CVE-2026-13035)

Download JSON