Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Network-delivered HTML with user interaction, but requires a prior renderer compromise to reach the bug, so AC:H; successful escape changes scope and yields high C/I/A in the browser process.
Primary rating from Vendor (Chrome).
CVSS VectorVendor: Chrome
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
Inappropriate implementation in Headless in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
AnalysisAI
Sandbox escape in Google Chrome prior to 149.0.7827.115 allows a remote attacker who has already compromised the renderer process to break out of the Headless component sandbox via a crafted HTML page. The flaw is rated High severity by Chromium and carries CVSS 9.6 due to scope change and user interaction, though EPSS remains very low (0.03%) and there is no public exploit identified at time of analysis. A vendor patch is available in the stable channel update published June 2026.
Technical ContextAI
Headless mode in Chromium (cpe:2.3:a:google:chrome) is the runtime used for automation, printing, and PDF generation, and runs renderer logic in a sandboxed child process. The root cause class (CWE-250: Execution with Unnecessary Privileges) indicates that the Headless component performed an operation with broader privileges than required, providing a path for an already-compromised renderer to cross the sandbox boundary. Because Chromium's sandbox is the last line of defense against a malicious page that has corrupted the renderer, weakening that boundary effectively turns an in-renderer bug into full browser-process code execution.
RemediationAI
Vendor-released patch: update Google Chrome to 149.0.7827.115 or later on the stable channel as documented at https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01962725236.html, and verify enterprise auto-update policies (chrome://settings/help) are not blocking rollout. For fleets using Headless Chrome for automation, CI, or server-side PDF rendering, prioritize updating those images because Headless is the specifically impacted component; pin to the patched version in container base images. As an interim compensating control where patching is delayed, avoid running Headless Chrome against untrusted HTML inputs and isolate Headless workers in a separate OS-level sandbox (e.g., gVisor, seccomp, or a disposable VM), accepting the trade-off of added latency and operational complexity.
Same weakness CWE-250 – Execution with Unnecessary Privileges
View allSame technique Privilege Escalation
View allVendor StatusVendor
SUSE
Severity: Critical| Product | Status |
|---|---|
| SUSE Package Hub 15 SP7 | Fixed |
| openSUSE Tumbleweed | Fixed |
| SUSE Package Hub 15 SP7 | Affected |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-36347
GHSA-88g6-23mm-rpg4