What is GHSA-5fc2-9c9r-4rvq?

GHSA-5fc2-9c9r-4rvq is a security advisory published by GitHub Security Advisories with Critical severity. Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.7778.216 allowed an attacker...

Which CVE IDs does GHSA-5fc2-9c9r-4rvq cover?

GHSA-5fc2-9c9r-4rvq covers the following CVE IDs: CVE-2026-9881. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-5fc2-9c9r-4rvq?

GHSA-5fc2-9c9r-4rvq has a CVSS v3 base score of 9.0, published by GitHub Security Advisories.

GHSA-5fc2-9c9r-4rvqCriticalCVSS 9.0

Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.7778.216 allowed an attacker...

Vendor

GitHub Security Advisories

Published

May 29, 2026

Last Modified

May 29, 2026

🔗 CVE IDs covered (1)

CVE-2026-9881 →

📋 Description

Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. (Chromium security severity: Critical)

🔗 References (4)

https://nvd.nist.gov/vuln/detail/CVE-2026-9881
https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html
https://issues.chromium.org/issues/505140741
https://github.com/advisories/GHSA-5fc2-9c9r-4rvq