Skip to main content

Google Chrome CVE-2026-11005

| EUVDEUVD-2026-34454 MEDIUM
Out-of-bounds Read (CWE-125)
2026-06-04 chrome-cve-admin@google.com GHSA-m5vx-248p-g3g7
5.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.3 MEDIUM
AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Red Hat
5.7 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

4
Analysis Generated
Jun 09, 2026 - 04:31 vuln.today
CVSS changed
Jun 09, 2026 - 02:22 NVD
5.3 (MEDIUM)
CVE Published
Jun 04, 2026 - 23:17 nvd
MEDIUM 5.3
CVE Published
Jun 04, 2026 - 23:17 nvd
UNKNOWN (no severity yet)

DescriptionCVE.org

Out of bounds read in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

AnalysisAI

Out-of-bounds read in Chrome's ANGLE graphics layer on Windows exposes sensitive process memory to an attacker who has already achieved renderer compromise. Affected are all Chrome for Windows installations prior to 149.0.7827.53; macOS, Linux, Android, and iOS are not in scope per available data. No public exploit code exists and no active exploitation is confirmed - EPSS at 0.03% (11th percentile) and SSVC exploitation status of 'none' jointly indicate this is a low-priority real-world threat, functioning primarily as a post-exploitation information-disclosure step in a multi-stage browser attack chain rather than a standalone critical vulnerability.

Technical ContextAI

ANGLE (Almost Native Graphics Layer Engine) is Google's cross-platform OpenGL ES implementation embedded in Chrome that translates OpenGL calls to platform-native graphics APIs - on Windows, primarily DirectX. CWE-125 (Out-of-bounds Read) describes a memory safety flaw where a read operation accesses memory beyond the bounds of an allocated buffer. In a GPU/graphics context, this can expose arbitrary adjacent memory regions to the attacker, including data from other browser processes or sensitive in-memory state. The Windows-specific nature of this vulnerability strongly implies the flaw is in ANGLE's DirectX translation path rather than the shared OpenGL abstraction layer. Chrome's multi-process architecture places HTML rendering and GPU compositing in sandboxed renderer processes, meaning this flaw is exercised from within a pre-compromised renderer context sending malformed GPU commands through ANGLE.

RemediationAI

Update Google Chrome on Windows to version 149.0.7827.53 or later, the vendor-released patch documented at https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop.html. Chrome's built-in auto-update mechanism will apply this silently on most consumer systems; enterprise administrators using group policy or third-party patch management should verify deployment and confirm the installed version via chrome://settings/help. As an interim compensating control before patching, enforcing Chrome's Strict Site Isolation policy (--site-per-process, which is default in modern Chrome but can be explicitly mandated via enterprise policy) limits cross-origin data accessible to a compromised renderer, reducing the value of any memory leak. Blocking access to untrusted external web content through URL filtering reduces the renderer-compromise attack surface that is a prerequisite for this flaw. No workaround eliminates the underlying out-of-bounds read; patching is the only definitive fix.

Vendor StatusVendor

SUSE

Product Status
SUSE Package Hub 15 SP7 Fixed
openSUSE Leap 16.0 Fixed
openSUSE Tumbleweed Fixed
SUSE Package Hub 15 SP7 Affected

Share

CVE-2026-11005 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy