Google has released an emergency security update for Chrome on macOS to patch a critical vulnerability that could allow attackers to break out of the browser’s sandbox and execute arbitrary code on the system. The flaw, tracked as CVE-2026-11635, is a use-after-free bug in the Chromium Bluetooth component and was disclosed on June 8, 2026. It affects all Chrome versions prior to 149.0.7827.103 on macOS.
The vulnerability is rated critical. Successful exploitation requires that an attacker has already compromised the renderer process, typically via a separate vulnerability such as a memory-corruption bug in the JavaScript engine reached from a malicious web page. Once inside the renderer, the attacker can leverage this Bluetooth flaw to escape the tightly controlled sandbox, gaining the ability to run code outside the browser's normal constraints. In practice that means an attacker could install programs, view or steal data, or create new accounts with the privileges of the logged-in user.
What Is CVE-2026-11635?
CVE-2026-11635 is a memory management error known as use-after-free. It occurs when a program continues to use a pointer to a memory location after that memory has been freed. In the context of Chrome’s Bluetooth implementation, an attacker who has already hijacked the renderer can trick the browser into reusing a freed Bluetooth-related object. This memory corruption can be crafted to redirect execution flow, ultimately allowing the attacker to break out of the renderer sandbox.
The use-after-free condition resides in the code that handles communication with macOS Bluetooth hardware. While the exact technical details have not been fully disclosed by Google to protect users still updating, the nature of such bugs suggests a race condition or a complex object‑lifecycle issue.
Sandbox Escape: The Real Danger
Chrome normally isolates web content in a restricted sandbox. Even if a website contains malicious code that hijacks the renderer, that code can only interact with the operating system through tightly limited channels. Escaping the sandbox is a much more serious threat because it lets attackers bypass all of Chrome’s process‑level defenses and execute arbitrary commands on the host machine.
CVE-2026-11635 enables exactly that. By corrupting memory in the browser-side code that services Bluetooth requests, which runs outside the renderer sandbox and talks to the hardware on the renderer's behalf, a crafted payload can break out of the sandbox and act on the macOS system with the user's permissions. This is the crucial difference between a remote code execution bug confined to the renderer and a full system compromise.
Who Is at Risk?
Only macOS users are affected. Windows, Linux, Android, and iOS builds of Chrome use different Bluetooth stacks or have architectural differences that prevent exploitation of this specific flaw. Google’s advisory explicitly limits the vulnerability to Chrome on macOS before version 149.0.7827.103.
Any Mac user running Chrome who has not updated to the latest build is at risk. The attack doesn't require physical access; a remote attacker can host a malicious webpage or inject an exploit into a legitimate site. Once a victim visits that page with a vulnerable Chrome version, a renderer exploit chained with this bug could achieve full code execution on the Mac.
The Attack Chain
Exploitation is a two‑step process:
- Renderer Compromise: The attacker must first gain control of the renderer process. This is typically done via another vulnerability, for example a bug in the JavaScript engine, WebAssembly, or an image decoder. Phishing emails, malvertising, or drive-by downloads can deliver the initial payload.
- Bluetooth Use-After-Free: With a foothold inside the renderer sandbox, the attacker sends crafted Bluetooth requests from the compromised renderer to trigger the use-after-free bug. A compromised renderer is not bound by the JavaScript Web Bluetooth API: it can emit whatever messages the renderer-to-browser Bluetooth interface accepts, in whatever order and timing the bug requires. The resulting memory corruption is exploited to escape the sandbox and achieve native code execution.
Both steps must succeed for the attack to be effective. However, chaining vulnerabilities is a common practice among advanced threat actors, and browser exploits are often sold on underground markets with sandbox escapes as a premium component.
Weaponization and Real‑World Impact
Google has not confirmed whether this vulnerability was exploited in the wild before the patch was released. The company’s security blog states that access to bug details is restricted until a majority of users have updated. However, given the critical rating and the quick disclosure, it is possible that the issue was discovered internally or reported through Chrome’s Vulnerability Reward Program.
If an exploit does exist, it would be highly valuable to cybercriminals, state‑sponsored groups, and commercial spyware vendors. Sandbox escapes are one of the most sought‑after bugs in browser exploit kits because they allow attackers to move from a limited compromise to total device takeover. macOS users have often been targeted by sophisticated malware, and a zero‑day like this could be integrated into watering‑hole attacks or targeted phishing campaigns.
Technical Deep Dive: Use‑After‑Free in Bluetooth
The Chromium Bluetooth stack on macOS interfaces with the operating system's CoreBluetooth framework. Web Bluetooth allows websites to communicate with nearby Bluetooth Low Energy (BLE) devices after receiving user permission. Under the hood, Chrome uses a multi-process architecture: the renderer asks for Bluetooth access over IPC, and the browser process, which hosts Chromium's Bluetooth adapter code and runs outside the renderer sandbox, performs the actual CoreBluetooth calls on its behalf. That split is what turns a bug in this code into a sandbox escape rather than a renderer-only problem.
A use-after-free in this pathway could be triggered if, for example, a Bluetooth connection is rapidly established and torn down while browser-side code (say, a pending completion callback) still holds a dangling reference to the freed object. When the object's memory is reallocated for something else, the attacker can place controlled data in that space. By carefully shaping the heap, they can corrupt a vtable pointer or another function pointer stored in the reused allocation and redirect control flow, ultimately achieving arbitrary code execution in the browser process.
The macOS-specific nature of the bug points to a flaw in the platform implementation of the Bluetooth adapter or in the way Chrome integrates with CoreBluetooth. Previous Bluetooth-related Chrome CVEs were often platform-agnostic, but macOS has its own tailored code because of Apple's proprietary APIs and sandboxing mechanisms.
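The sequence described above (free, heap reuse, read through a stale pointer) is easier to see in code than in prose. The following is a constructed illustration added for this article, not Chromium code and not the patched function: a tiny first-fit slab stands in for the browser-process heap, a BtObject record stands in for the device object, and every name, field and constant (0x1000, 0x41414141, the slot count) is hypothetical. The second half shows one fix pattern, a generation-checked reference that refuses to resolve once its target has been freed, which is the same idea Chromium expresses with base::WeakPtr and which MiraclePtr approaches differently (by quarantining the freed allocation instead). The example goes slightly beyond the text by also showing the live-reference control path.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the browser-process heap: a first-fit slab of
 * fixed-size slots, so a freed slot goes to the next allocation of the same
 * size. Names, layout and values are constructed for this example. */
#define SLOT_COUNT 4

typedef struct {
    uint32_t  kind;            /* 1 = device record, 2 = attacker filler   */
    uint32_t  flags;
    uintptr_t on_disconnect;   /* callback "pointer": the corruption target */
    char      name[16];
} BtObject;

typedef struct {
    BtObject obj;              /* first member, so &slot == &slot.obj       */
    int      in_use;
    uint32_t generation;       /* bumped on every free; used by the fix     */
} Slot;

static Slot slab[SLOT_COUNT];

static void slab_reset(void) { memset(slab, 0, sizeof slab); }

static BtObject *slab_alloc(uint32_t kind) {
    for (int i = 0; i < SLOT_COUNT; i++) {
        if (!slab[i].in_use) {
            slab[i].in_use = 1;
            memset(&slab[i].obj, 0, sizeof slab[i].obj);
            slab[i].obj.kind = kind;
            return &slab[i].obj;
        }
    }
    return NULL;
}

static void slab_free(BtObject *o) {
    Slot *s = (Slot *)o;       /* valid: obj is the first member of Slot    */
    s->in_use = 0;
    s->generation++;           /* any outstanding reference is now stale   */
}

/* Vulnerable pattern: a pending callback keeps a raw pointer to the device
 * record across the disconnect that frees it. Returns the callback target
 * that the stale pointer ends up reading. */
static uintptr_t vulnerable_sequence(void) {
    slab_reset();
    BtObject *dev = slab_alloc(1);
    dev->on_disconnect = 0x1000;              /* legitimate handler         */
    strcpy(dev->name, "heart-rate");
    BtObject *pending = dev;                  /* raw pointer retained       */
    slab_free(dev);                           /* device torn down           */
    BtObject *spray = slab_alloc(2);          /* compromised renderer sprays */
    spray->on_disconnect = 0x41414141;        /* same size: lands in slot 0 */
    return pending->on_disconnect;            /* 0x41414141, not 0x1000     */
}

/* Fix: reference by (slot, generation) instead of a raw pointer, and refuse
 * to hand back an object whose slot was freed after the reference was taken,
 * even if the slot has since been reused. */
typedef struct { int slot; uint32_t generation; } BtRef;

static BtRef bt_ref(BtObject *o) {
    Slot *s = (Slot *)o;
    return (BtRef){ (int)(s - slab), s->generation };
}

static BtObject *bt_ref_get(BtRef r) {
    Slot *s = &slab[r.slot];
    if (!s->in_use || s->generation != r.generation) return NULL;
    return &s->obj;
}

/* Same sequence with the checked reference. Returns 1 when the stale
 * callback is dropped instead of running on attacker-controlled data. */
static int fixed_sequence(void) {
    slab_reset();
    BtObject *dev = slab_alloc(1);
    dev->on_disconnect = 0x1000;
    BtRef pending = bt_ref(dev);
    slab_free(dev);
    BtObject *spray = slab_alloc(2);
    spray->on_disconnect = 0x41414141;
    return bt_ref_get(pending) == NULL;
}

/* Control: a reference to a still-live object resolves normally. */
static uintptr_t fixed_live_path(void) {
    slab_reset();
    BtObject *dev = slab_alloc(1);
    dev->on_disconnect = 0x1000;
    BtObject *got = bt_ref_get(bt_ref(dev));
    return got ? got->on_disconnect : 0;
}

int main(void) {
    printf("vulnerable: callback target 0x%lx\n", (unsigned long)vulnerable_sequence());
    printf("fixed: stale reference dropped = %d\n", fixed_sequence());
    return 0;
}
```

The point of the slab is determinism: a real allocator would give the same result most of the time, which is exactly why heap shaping works, but here the reuse is guaranteed so the read of the attacker's value can be checked. The generation check is a detection, not a cure; the actual fix in real code is to make sure nothing keeps a reference past the object's lifetime in the first place.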
Google’s Response and Patch
Google addressed the vulnerability in Chrome version 149.0.7827.103 for macOS. The update began rolling out on June 8, 2026, via Chrome's automatic update system. Given the critical rating and the possibility that the bug was already being exploited, Google prioritized speed over extensive public documentation.
The fix most likely corrects the object's lifetime handling, for example by replacing the dangling reference with a weak or counted pointer, or by cancelling pending callbacks before the object is destroyed. Chrome's security team also ships generic mitigations such as MiraclePtr (BackupRefPtr), which keeps an allocation quarantined while raw pointers to it remain and so turns many use-after-free bugs into crashes rather than exploitable corruption, but such defenses do not replace a fix of the underlying logic.
Users can verify their Chrome version by navigating to chrome://settings/help. If the version is 149.0.7827.103 or higher, they are protected. If not, that page downloads the update and offers a relaunch; the new version is not in effect until the browser has been restarted.
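For anyone checking a fleet of Macs rather than one machine, the comparison "149.0.7827.103 or higher" has to be done numerically per component: a plain string comparison ranks 149.0.7827.99 above 149.0.7827.103 and reports a vulnerable build as patched. The following is an added example, not a tool from Google or the article: it parses Chrome's dotted version string, compares it against the fixed build from the advisory, fails closed on unparseable input, and shows the wrong answer a naive string comparison gives. The sample version strings are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Build that carries the fix, from the advisory. */
static const char FIXED_VERSION[] = "149.0.7827.103";

/* Parse "a.b.c.d" into four numeric components (missing trailing components
 * are 0). Returns 0 on success, -1 if the string is not a dotted version. */
static int parse_version(const char *s, long out[4]) {
    int n = 0;
    out[0] = out[1] = out[2] = out[3] = 0;
    while (n < 4) {
        char *end;
        long v = strtol(s, &end, 10);
        if (end == s || v < 0) return -1;      /* no digits, or negative   */
        out[n++] = v;
        if (*end == '\0') return 0;
        if (*end != '.') return -1;            /* junk after a component   */
        s = end + 1;
    }
    return -1;                                 /* more than four components */
}

/* 1 = installed build carries the fix, 0 = vulnerable, -1 = unparseable.
 * Callers should treat -1 as vulnerable so the check never fails open. */
static int is_patched(const char *installed) {
    long v[4], f[4];
    if (parse_version(installed, v) < 0) return -1;
    parse_version(FIXED_VERSION, f);
    for (int i = 0; i < 4; i++)
        if (v[i] != f[i]) return v[i] > f[i];
    return 1;                                  /* identical to fixed build */
}

/* The pitfall: what a strcmp-based check concludes for the same input. */
static int naive_is_patched(const char *installed) {
    return strcmp(installed, FIXED_VERSION) >= 0;
}

int main(int argc, char **argv) {
    /* Constructed sample: one patch level below the fix. */
    const char *v = argc > 1 ? argv[1] : "149.0.7827.99";
    printf("%s: numeric check says %d, naive string check says %d\n",
           v, is_patched(v), naive_is_patched(v));
    return 0;
}
```

On macOS the installed version string can be read from the app bundle with `defaults read "/Applications/Google Chrome.app/Contents/Info.plist" CFBundleShortVersionString` and passed as the first argument; the bundle reports the version on disk, so a machine that has downloaded the update but not relaunched still shows the old build in the running process.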
What macOS Users Should Do
Immediate action is recommended:
- Update Chrome: Ensure you are running Chrome 149.0.7827.103 or later on your Mac. Restart the browser to complete the update.
- Enable Automatic Updates: Verify that Chrome’s auto‑update feature is active. It is on by default but can be disabled by enterprise policies.
- Be Cautious with Bluetooth Prompts: Even after updating, exercise caution when websites request access to Bluetooth devices. Only allow trusted sites to pair.
- Use Enterprise Policies: Administrators can use Chrome enterprise policies to enforce prompt update rollout and to block Web Bluetooth on sites that do not need it (the DefaultWebBluetoothGuardSetting policy), shrinking the reachable attack surface. Site Isolation, which keeps different sites in separate renderer processes, is already on by default on desktop Chrome; it limits what a compromised renderer can read but does not by itself stop a sandbox escape.
A History of Sandbox Escapes in Chrome
Chrome’s sandbox is widely regarded as one of the strongest in the industry, but no defense is perfect. The browser’s complexity and the sheer number of features (Web Bluetooth, WebUSB, WebXR) introduce attack surface that can occasionally expose escape vulnerabilities.
In 2025 alone, Chrome fixed several sandbox escape CVEs, including one in the SwiftShader GPU component and one in the network service. Each was rated critical and patched within days of discovery. The Bluetooth vector is particularly noteworthy because it combines hardware access with web standards, creating a complex interaction between user permission models, operating system APIs, and multi-process isolation.
The Arms Race for Sandbox Escapes
The market for sandbox escapes remains robust. Zero‑day brokers pay seven‑figure sums for chains that include both a renderer exploit and a sandbox escape. A working exploit for CVE‑2026-11635 paired with a renderer bug could be worth millions. This economic incentive drives ongoing research into the very areas Chrome’s security team patrols.
Google's Project Zero and external researchers regularly uncover such flaws. The rapid response to CVE-2026-11635 demonstrates that Chrome's patching pipeline can deliver a fix within days once a critical vulnerability is identified, a capability that directly limits the window of exposure for billions of users.
Broader Implications for Web Platform Security
The increasing integration of hardware APIs into browsers raises important questions about the balance between functionality and security. Web Bluetooth, in particular, has faced criticism because it exposes low‑level device communication to potentially malicious websites. Even with user‑mediated permission prompts, the complexity of the underlying system can hide subtle, dangerous bugs.
Every new web capability expands the browser’s trusted computing base, and therefore the attack surface. While Chrome’s multi‑process architecture was designed to confine damage to a single tab, sandbox escape bugs prove that the wall can be breached. This incident will likely renew calls for more rigorous isolation of platform‑specific services and a reduction in the privileged operations that the browser’s higher‑integrity processes perform.
Looking Ahead
As Chrome moves toward version 150 later in 2026, the development team may further harden the Bluetooth stack on macOS, for instance by compartmentalizing the CoreBluetooth interface more aggressively. Further technical details usually become visible in the Chromium bug tracker once the patch has been widely adopted and the access restriction on the bug is lifted.
For now, the most important takeaway is clear: update Chrome on your Mac immediately. CVE‑2026-11635 transforms a single browser tab compromise into a full device takeover, and the fix is already available. Delaying updates only increases risk.
Google Chrome’s security model depends on layers of defense, but each layer must be maintained. This patch is a critical piece of that armor.