What is the CVSS score of CVE-2026-11694?

CVE-2026-11694 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Google Chrome are affected by CVE-2026-11694?

Google Chrome versions prior to 149.0.7827.103 contain a high-severity vulnerability (CVE-2026-11694) enabling arbitrary code execution within compromised browser processes.. A patch is available.

How to fix or mitigate CVE-2026-11694?

Within 24 hours: Deploy Chrome version 149.0.7827.103 or later organization-wide; enable auto-update enforcement if not already active; issue mandatory user notification. Within 7 days: Verify 100% update compliance across all endpoints through endpoint management telemetry. Within 30 days: Monitor threat intelligence feeds and security logs for any exploitation attempts or evidence of active renderer-level compromises.

Google Chrome CVE-2026-11694

EUVD-2026-35220 HIGH

Use After Free (CWE-416)

2026-06-09 chrome-cve-admin@google.com

GHSA-qhww-xqqg-m6hv

Google Memory Corruption RCE Use After Free Denial Of Service Red Hat Suse

7.5

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

7.5 HIGH

AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

SUSE

CRITICAL

qualitative

Red Hat

9.0 HIGH

qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Jun 09, 2026 - 02:37 vuln.today

CVSS changed

Jun 09, 2026 - 01:22 NVD

7.5 (HIGH)

CVE Published

Jun 09, 2026 - 00:16 nvd

UNKNOWN (no severity yet)

CVE Published

Jun 09, 2026 - 00:16 nvd

HIGH 7.5

DescriptionCVE.org

Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

AnalysisAI

Sandboxed remote code execution in Google Chrome versions prior to 149.0.7827.103 allows attackers who have already compromised the renderer process to execute arbitrary code via a crafted HTML page that triggers a use-after-free in the ServiceWorker component. Rated High severity by Chromium with a CVSS 7.5, the flaw requires user interaction (visiting a malicious page) and a pre-existing renderer compromise, and no public exploit has been identified at time of analysis. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Lure victim to malicious site

Delivery

Compromise renderer via separate bug

Exploit

Execution

Trigger use-after-free in ServiceWorker

Persist

Gain memory corruption primitive

Impact

Execute arbitrary code in sandbox

Access

Lure victim to malicious site

Delivery

Compromise renderer via separate bug

Exploit

Execution

Trigger use-after-free in ServiceWorker

Persist

Gain memory corruption primitive

Impact

Execute arbitrary code in sandbox

Vulnerability AssessmentAI

Exploitation	The attacker must have already compromised the Chrome renderer process (typically via a separate renderer bug) before this flaw can be triggered, and the victim must interact by loading a crafted HTML page that registers/manipulates a malicious ServiceWorker. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	The CVSS 3.1 vector (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) scores 7.5 (High), reflecting network reach but tempered by High attack complexity and required user interaction. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker first achieves code execution in a Chrome renderer process via a separate vulnerability (for example a V8 type-confusion bug) on a victim who visits an attacker-controlled site. From that foothold, attacker-supplied JavaScript on the crafted HTML page registers and manipulates a ServiceWorker to trigger the use-after-free, gaining a stable memory-corruption primitive used to execute arbitrary code still inside the renderer sandbox - a typical stepping stone toward a follow-on sandbox-escape exploit. …
Remediation	Update Google Chrome to 149.0.7827.103 or later via the Stable channel; the patch is available per the Chrome Releases advisory at https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0153744567.html and tracked in the upstream issue https://issues.chromium.org/issues/517705966. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Deploy Chrome version 149.0.7827.103 or later organization-wide; enable auto-update enforcement if not already active; issue mandatory user notification. …

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Critical

Product	Status
openSUSE Leap 16.0	Fixed
openSUSE Tumbleweed	Fixed

CVE-2026-11694 vulnerability details – vuln.today

Back

Google Chrome CVE-2026-11694

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

Vendor StatusVendor

SUSE

Share

External POC / Exploit Code