CVE-2021-30573

HIGH

Google Chrome <92.0.4515.107 - Use After Free

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 11 public exploits for CVE-2021-30573. PoCs published by s4eio, orangmuda, kh4sh3i.

AI-analyzed exploit summary The repository claims to be a PoC for CVE-2021-30573 but contains no actual exploit code, only a README with vague details and a reference to an external HTML file. It lacks technical depth and appears to be a lure for further engagement.

Description

Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Exploits (11)

nomisec SUSPICIOUS 14 stars
by s4eio · poc
https://github.com/s4eio/CVE-2021-30573-PoC-Google-Chrome

The repository claims to be a PoC for CVE-2021-30573 but contains no actual exploit code, only a README with vague details and a reference to an external HTML file. It lacks technical depth and appears to be a lure for further engagement.

Classification
Suspicious 90%
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target: Google Chrome < 92.0.4515.107
No auth needed
Prerequisites: Google Chrome version 91.0.4472.77 or lower
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec SUSPICIOUS 10 stars
by orangmuda · poc
https://github.com/orangmuda/CVE-2021-30573

The repository claims to be a PoC for CVE-2021-30573 but lacks actual exploit code, instead referencing an external HTML file and providing vague details. No technical analysis or code is included, only a high-level description.

Classification
Suspicious 90%
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target: Google Chrome < 92.0.4515.107
No auth needed
Prerequisites: Google Chrome version 91.0.4472.77 or lower
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec STUB 2 stars
by kh4sh3i · poc
https://github.com/kh4sh3i/CVE-2021-30573

The repository contains only a README with basic CVE details and usage instructions but lacks actual exploit code or technical analysis. It references an exploit.html file that is not included in the repository.

Classification
Stub 90%
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target: Google Chrome < 92.0.4515.107
No auth needed
Prerequisites: Vulnerable version of Google Chrome (91 or lower)
devstral-2 · analyzed Feb 18, 2026 Full analysis →
inthewild SUSPICIOUS
poc
https://github.com/thomsdev/cve-2021-30573

The repository claims to be a PoC for CVE-2021-30573 but lacks actual exploit code, instead referencing an external HTML file and providing minimal technical details. The README reads like a marketing pitch with no substantive analysis or code.

Classification
Suspicious 90%
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target: Google Chrome < 92.0.4515.107
No auth needed
Prerequisites: Google Chrome version 91.0.4472.77 or lower
devstral-2 · analyzed Feb 23, 2026 Full analysis →
inthewild SUSPICIOUS
poc
https://github.com/s4e-lab/cve-2021-30573-poc-google-chrome

The repository claims to be a PoC for CVE-2021-30573 but lacks actual exploit code, instead referencing an external HTML file and providing minimal technical details. The README is vague and lacks depth, resembling a social engineering lure.

Classification
Suspicious 90%
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target: Google Chrome < 92.0.4515.107
No auth needed
Prerequisites: Google Chrome version 91.0.4472.77 or lower
devstral-2 · analyzed Feb 23, 2026 Full analysis →
inthewild SUSPICIOUS
poc
https://github.com/s4e-io/cve-2021-30573-poc-google-chrome

The repository claims to be a PoC for CVE-2021-30573 but lacks actual exploit code, instead referencing an external HTML file and providing minimal technical details. The README reads like a sales pitch with no substantive analysis or code.

Classification
Suspicious 90%
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target: Google Chrome < 92.0.4515.107
No auth needed
Prerequisites: Google Chrome version 91.0.4472.77 or lower
devstral-2 · analyzed Feb 23, 2026 Full analysis →
inthewild SUSPICIOUS
poc
https://github.com/rakhanobe/cve-2021-30573

The repository claims to be a PoC for CVE-2021-30573 but lacks actual exploit code, instead referencing an external HTML file and providing minimal technical details. The README reads like a generic description without depth.

Classification
Suspicious 90%
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target: Google Chrome < 92.0.4515.107
No auth needed
Prerequisites: Google Chrome version 91.0.4472.77 or lower
devstral-2 · analyzed Feb 23, 2026 Full analysis →
inthewild SUSPICIOUS
poc
https://github.com/oxctdev/cve-2021-30573

The repository claims to be a PoC for CVE-2021-30573 but lacks actual exploit code, instead referencing an external HTML file without providing it. The README is vague and lacks technical details.

Classification
Suspicious 90%
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target: Google Chrome < 92
No auth needed
Prerequisites: Google Chrome version 91.0.4472.77 or lower
devstral-2 · analyzed Feb 23, 2026 Full analysis →
inthewild SUSPICIOUS
poc
https://github.com/onsecuredev/cve-2021-30573

The repository claims to be a PoC for CVE-2021-30573 but lacks actual exploit code, instead referencing an external HTML file and providing minimal technical details. The README reads like a sales pitch with no substantive analysis or code.

Classification
Suspicious 90%
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target: Google Chrome < 92.0.4515.107
No auth needed
Prerequisites: Google Chrome version 91.0.4472.77 or lower
devstral-2 · analyzed Feb 23, 2026 Full analysis →
inthewild SUSPICIOUS
poc
https://github.com/byteofjoshua/cve-2021-30573

The repository claims to be a PoC for CVE-2021-30573 but lacks actual exploit code, instead referencing an external HTML file and providing minimal technical details. The README reads like a sales pitch with no substantive analysis or code.

Classification
Suspicious 90%
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target: Google Chrome < 92.0
No auth needed
Prerequisites: Google Chrome version 91.0.4472.77 or lower
devstral-2 · analyzed Feb 23, 2026 Full analysis →
inthewild SUSPICIOUS
poc
https://github.com/byteofandri/cve-2021-30573

The repository claims to be a PoC for CVE-2021-30573 but lacks actual exploit code, instead referencing an external HTML file and providing minimal technical details. The README reads like a sales pitch with no substantive analysis.

Classification
Suspicious 90%
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target: Google Chrome < 92.0.4515.107
No auth needed
Prerequisites: Google Chrome version 91.0.4472.77 or lower
devstral-2 · analyzed Feb 23, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit, Issue Tracking, Patch, Permissions Required, Third Party Advisory x_refsource_misc
https://crbug.com/1216822

Scores

CVSS v3 8.8
EPSS 0.6456
EPSS Percentile 98.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-416
Status published
Products (4)
fedoraproject/fedora 33
fedoraproject/fedora 34
fedoraproject/fedora 35
google/chrome < 92.0.4515.107
Published Aug 03, 2021
Tracked Since Feb 18, 2026