Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Remote crafted page needs no privileges but requires the victim to load it (UI:R); a sandbox escape crosses the security authority boundary (S:C) with high CIA impact.
Primary rating from Vendor (Chrome).
CVSS VectorVendor: Chrome
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
AnalysisAI
Sandbox escape in Google Chrome's ANGLE graphics component before 150.0.7871.46 lets a remote attacker break out of the renderer sandbox when a victim loads a malicious web page. The flaw stems from insufficient validation of untrusted input (CWE-20) in ANGLE and carries a CVSS 9.6 due to scope change and full CIA impact, though exploitation requires the user to visit attacker-controlled content. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the victim to load an attacker-crafted HTML page that drives malicious graphics input through ANGLE (the WebGL/GPU path) - i.e. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Signals are mixed. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker hosts a crafted HTML page containing malicious WebGL/graphics content and lures a target to visit it via phishing, a malvertising placement, or a compromised site. When the page renders, the crafted input triggers the ANGLE input-validation flaw and the attacker potentially escapes the renderer sandbox, gaining code execution at GPU/browser-process privilege. … |
| Remediation | Vendor-released patch: update Google Chrome to 150.0.7871.46 or later via the Stable channel, and on managed fleets force the browser to relaunch so the update actually applies, since Chrome only completes the update after a restart. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all Chrome installations and versions across the organization, identifying systems running versions below 150.0.7871.46; establish testing and deployment timeline. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-20 – Improper Input Validation
View allSame technique Information Disclosure
View allVendor StatusVendor
SUSE
Severity: Critical| Product | Status |
|---|---|
| SUSE Package Hub 15 SP7 | Fixed |
| openSUSE Tumbleweed | Fixed |
| SUSE Package Hub 15 SP7 | Affected |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-41166
GHSA-8jr8-cv4x-4jmv