CVE-2023-26226

9.8 CRITICAL

📋 TL;DR

CVE-2023-26226 is a use-after-free memory corruption vulnerability in Yandex Browser that allows attackers to execute arbitrary code or cause denial of service. It affects Yandex Browser for Desktop users running versions prior to 24.4.0.682. Attackers can exploit this by tricking users into visiting malicious websites.

💻 Affected Systems

Products:
  • Yandex Browser for Desktop
Versions: All versions prior to 24.4.0.682
Operating Systems: Windows, macOS, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: All standard installations are vulnerable. No special configurations required for exploitation.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution with full system compromise, allowing attackers to install malware, steal data, or create persistent backdoors.

🟠 Likely Case: Browser crash leading to denial of service, or limited code execution within browser sandbox to steal session cookies and credentials.

🟢 If Mitigated: Browser crash with no data loss if sandboxing works properly, requiring user to restart browser.

🌐 Internet-Facing: HIGH - Exploitable through malicious websites without authentication.
🏢 Internal Only: LOW - Requires user interaction with malicious content, similar risk profile regardless of network location.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires user to visit malicious website but no authentication needed. Memory corruption vulnerabilities typically require some exploit development skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 24.4.0.682 and later

Vendor Advisory: https://yandex.com/bugbounty/i/hall-of-fame-browser/

Restart Required: Yes

Instructions:

1. Open Yandex Browser.
2. Click menu (three horizontal lines).
3. Select 'About Yandex Browser'.
4. Browser will automatically check for updates and install if available.
5. Restart browser when prompted.

🔧 Temporary Workarounds

Disable JavaScript

all

Prevents exploitation by disabling JavaScript execution, which is typically required for memory corruption attacks.

Browser settings → Site settings → JavaScript → Block

Use alternative browser

all

Temporarily switch to a different browser until Yandex Browser is updated.

🧯 If You Can't Patch

  • Restrict browser usage to trusted websites only
  • Implement application whitelisting to prevent unauthorized code execution

🔍 How to Verify

Check if Vulnerable:

Check browser version in menu → About Yandex Browser. If version is lower than 24.4.0.682, system is vulnerable.

Check Version:

yandex-browser --version (Linux) or check via browser interface on Windows/macOS

Verify Fix Applied:

Confirm browser version is 24.4.0.682 or higher in menu → About Yandex Browser.
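
The version check above can be scripted for Linux hosts. The following is an added example, not vendor code: it compares each dotted field numerically, because a plain string comparison would wrongly rank a build such as 24.10.x below 24.4.0.682. The function names are hypothetical, and it assumes the output of yandex-browser --version contains a four-part dotted version.

```shell
#!/bin/sh
# Added example: classify a Yandex Browser version string against the
# fixed build named on this page. Function names are hypothetical.
FIXED_VERSION="24.4.0.682"

# Pull the first four-part dotted number out of arbitrary text.
# Assumption: the --version output contains the version in this form.
extract_version() {
    printf '%s\n' "$1" | grep -Eo '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | head -n 1
}

# Succeed (exit 0) only if version $1 is strictly lower than version $2.
# Fields are compared as numbers, so 24.10 ranks above 24.4.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        for (i = 1; i <= 4; i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1   # equal versions are not "lower"
    }'
}

# Print "vulnerable <ver>", "patched <ver>" or "unknown" for the given text.
classify() {
    v=$(extract_version "$1")
    if [ -z "$v" ]; then
        echo "unknown"
    elif version_lt "$v" "$FIXED_VERSION"; then
        echo "vulnerable $v"
    else
        echo "patched $v"
    fi
}

# On a host with the browser installed, check the local build.
if command -v yandex-browser >/dev/null 2>&1; then
    classify "$(yandex-browser --version 2>/dev/null)"
fi
```

An "unknown" result means no version could be parsed and the host should be checked through the browser interface instead.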

📡 Detection & Monitoring

Log Indicators:

  • Browser crash reports
  • Unexpected process termination
  • Memory access violation errors

Network Indicators:

  • Connections to suspicious domains followed by browser crashes
  • Unusual outbound traffic from browser process

SIEM Query:

(process_name:"yandex" AND (event_id:1000 OR event_id:1001)) OR (process_name:"yandex" AND network_connection AND reputation:malicious)
