One day short of a full chain: Part 3 - Chrome renderer RCE

Source: The GitHub Blog

In this last post of the series, I’ll exploit a use-after-free in the Chrome renderer (CVE-2020-15972), a bug that I reported in September 2020 but turned out to be a duplicate, to gain remote code execution in the sandboxed renderer process in Chrome.