CVE-2026-2441
Published: 13 February 2026
Summary
CVE-2026-2441 is a high-severity Use After Free (CWE-416) vulnerability in Google Chrome. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Drive-by Compromise (T1189); ranked in the top 4.0% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mandates timely identification, reporting, and remediation of known software flaws like this Chrome use-after-free vulnerability through patching to version 145.0.7632.75 or later.
Requires vulnerability scanning to identify systems running vulnerable Chrome versions affected by CVE-2026-2441, enabling proactive remediation.
Implements memory protections such as ASLR and DEP that mitigate exploitation of use-after-free vulnerabilities in browser CSS components.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability is a use-after-free in Chrome's CSS component exploited via a malicious webpage, enabling drive-by compromise (T1189) and exploitation for client execution (T1203) with user interaction by visiting the site.
NVD Description
Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Deeper analysisAI
CVE-2026-2441 is a use-after-free vulnerability (CWE-416) in the CSS component of Google Chrome prior to version 145.0.7632.75. Published on 2026-02-13, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) and Chromium security severity of High.
A remote attacker can exploit this vulnerability by crafting an HTML page that triggers the use-after-free, enabling arbitrary code execution inside the browser's sandbox. Exploitation requires user interaction, such as visiting a malicious site, but needs no privileges or special access.
Mitigation involves updating to Google Chrome 145.0.7632.75 or later, as announced in the stable channel update on the Chrome Releases blog (chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html). Additional details are in the Chromium issue tracker (issues.chromium.org/issues/483569511), and a proof-of-concept is publicly available on GitHub (github.com/huseyinstif/CVE-2026-2441-PoC/blob/main/poc.html).
The vulnerability appears in CISA's Known Exploited Vulnerabilities Catalog (cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-2441), signaling real-world exploitation.
Details
- CWE(s)
- KEV Date Added
- 17 February 2026