This vulnerability involves a use-after-free condition in the codecs module of Google Chrome before version 147.0.7727.101. Exploiting this flaw enables remote code execution inside the browser sandbox through a crafted HTML page. The issue is recognized as high severity by Chromium security, indicating significant risk if exploited. The vulnerability was publicly disclosed on April 15, 2026. No CVSS score is assigned, and no direct patch or remediation information is included in the input data, though a vendor advisory URL is provided for further details.

Successful exploitation could allow a remote attacker to execute arbitrary code within the sandboxed environment of Google Chrome, potentially compromising the security of the affected system. The sandbox containment limits the scope of impact but does not eliminate the risk of code execution. No known active exploits have been reported.

Patch status is not yet confirmed — check the vendor advisory at https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html for current remediation guidance. Users and administrators should monitor this advisory for updates and apply any official fixes once available. Until a patch is confirmed, exercising caution when browsing untrusted sites is advisable.