Vulnerability Brief

CVE-2026-13028

• Severity: CRITICAL
• CVSS score: 9.6

Technical summary

Use after free in WebGL in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)