Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Network-delivered via crafted HTML page (AV:N, AC:L), no attacker privileges needed (PR:N), victim must actively visit the page (UI:R), impact is confidentiality-only cross-origin data leak with no integrity or availability consequence (C:H/I:N/A:N).
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Lifecycle Timeline
4DescriptionNVD
Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
AnalysisAI
Cross-origin data exfiltration in Google Chrome's ANGLE graphics layer exposes sensitive browser memory contents to remote attackers who can induce a victim to visit a crafted HTML page. The out-of-bounds read in ANGLE (Chrome's cross-platform graphics abstraction engine) affects all Chrome desktop versions prior to 150.0.7871.46, confirmed by Google's stable channel advisory. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires a victim using a vulnerable Chrome version (prior to 150.0.7871.46) to actively visit an attacker-controlled or compromised web page - the CVSS UI:R metric confirms passive or network-only exploitation is not possible. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N scores 6.5 (Medium). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker crafts a malicious HTML page that triggers an out-of-bounds read within Chrome's ANGLE graphics layer during page rendering. The victim is directed to this page via phishing email, malvertising banner, or compromised website redirect, and upon rendering, the browser leaks cross-origin memory contents - potentially including session tokens or sensitive page data from other open tabs or frames - back to the attacker's server. … |
| Remediation | Update Google Chrome to version 150.0.7871.46 or later, the vendor-confirmed patched release documented at https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-125 – Out-of-bounds Read
View allSame technique Buffer Overflow
View allVendor StatusVendor
SUSE
Severity: Moderate| Product | Status |
|---|---|
| SUSE Package Hub 15 SP7 | Fixed |
| openSUSE Tumbleweed | Fixed |
| SUSE Package Hub 15 SP7 | Affected |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-41178
GHSA-q6j6-g24g-p9x4