Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Lifecycle Timeline
4DescriptionCVE.org
Type Confusion in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted XML file. (Chromium security severity: Medium)
AnalysisAI
Type confusion in Google Chrome's XML processing engine exposes process memory contents to remote attackers who can deliver a crafted XML file to a victim. Versions prior to 149.0.7827.53 are affected, with confidentiality impact rated High (C:H) despite an overall CVSS score of 6.5 due to the required user interaction. No public exploit code has been identified and EPSS stands at 0.03% (11th percentile), indicating low observed exploitation pressure; no KEV listing confirms active exploitation at this time.
Technical ContextAI
The root cause is CWE-843 (Type Confusion), in which Chrome's XML subsystem incorrectly handles the type of an object during parsing of a specially crafted XML file. When a type confusion occurs in a memory-managed environment such as Chromium's renderer process, it can allow a read operation to be performed against unintended memory regions, leaking potentially sensitive data held in the process at that time - such as cookies, session tokens, or heap-resident credentials. The vulnerability resides in Chromium's XML parsing component and is classified at Chromium security severity Medium. Affected product is Google Chrome (all platforms) on versions prior to 149.0.7827.53, as documented in EUVD-2026-34657 and the Chrome stable channel release advisory.
RemediationAI
Vendor-released patch: Chrome 149.0.7827.53. Users and administrators should update all Chrome installations to version 149.0.7827.53 or later using Chrome's built-in update mechanism (Settings > Help > About Google Chrome) or via enterprise deployment tools such as Google Update or managed browser policy. The official advisory is at https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop.html. If immediate patching is not feasible, a compensating control is to restrict or block access to untrusted XML-delivering sources at the network perimeter or endpoint (e.g., content filtering to block delivery of application/xml and text/xml MIME types from non-trusted origins), though this may disrupt legitimate XML-based web applications. Browser isolation or sandboxed browsing environments can reduce the impact of memory disclosure by limiting what sensitive data resides in the renderer process.
Same technique Information Disclosure
View allVendor StatusVendor
SUSE
Severity: Medium| Product | Status |
|---|---|
| openSUSE Tumbleweed | Fixed |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-34657
GHSA-g4vh-hh62-jgqc