Critical Use After Free and Integer Overflow Vulnerabilities in Fedora Chromium

Critical Use After Free and Integer Overflow Vulnerabilities in Fedora Chromium

First seen 1 Jul 2026, 02:05 UTC Linuxsecurity 98% similarity 70.5
Share:

Article Content

Browse articles
ThreatCluster

On June 25, 2026, three critical vulnerabilities were published affecting Chromium version 149.0.7827.200, specifically CVE-2026-13281 (Integer overflow in Mojo), CVE-2026-13282 (Use after free in Payments), and CVE-2026-13283 (Use after free in AdFilter). These vulnerabilities could potentially allow attackers to exploit memory management issues, leading to arbitrary code execution. Fedora 43 and Fedora 44 users are advised to update their Chromium installations to mitigate these risks. The updates were released on June 26, 2026, and are available via the dnf package manager. The vulnerabilities were confirmed by Than Ngo in the update notifications. As of July 1, 2026, users are urged to ensure their systems are updated to the latest version to avoid exploitation.

Key Points: • Three critical vulnerabilities in Chromium affect Fedora 43 and 44 users. • CVE-2026-13281, CVE-2026-13282, and CVE-2026-13283 were published on June 25, 2026. • Users should update to version 149.0.7827.200 to mitigate the risks associated with these vulnerabilities.

ThreatCluster AI

Timeline

2026-06-25
CVE-2026-13281 published
Integer overflow vulnerability in Mojo reported, affecting Chromium.
Linuxsecurity
2026-06-25
CVE-2026-13282 published
Use after free vulnerability in Payments component disclosed for Chromium.
Linuxsecurity
2026-06-25
CVE-2026-13283 published
Use after free vulnerability in AdFilter component announced for Chromium.
Linuxsecurity
2026-06-26
Chromium update released for Fedora
Update to version 149.0.7827.200 released to address critical vulnerabilities.
Linuxsecurity
2026-07-01
Users urged to update Chromium
As of July 1, users are advised to apply the latest updates to avoid exploitation.
Linuxsecurity

Community

Browse all →