Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
Out of bounds memory access in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)
AnalysisAI
Out-of-bounds memory access in the ANGLE graphics translation layer of Google Chrome before 149.0.7827.53 allows a remote attacker to read or corrupt memory by luring a user to a crafted HTML page. The flaw carries a CVSS 8.8 rating due to high impact on confidentiality, integrity, and availability, though Chromium rates the security severity as Medium and EPSS is very low (0.03%). No public exploit identified at time of analysis, and the issue is not on the CISA KEV list.
Technical ContextAI
ANGLE (Almost Native Graphics Layer Engine) is the abstraction layer Chrome uses to translate WebGL and other OpenGL ES API calls onto the host platform's native graphics APIs (Direct3D on Windows, Metal on macOS, Vulkan/OpenGL on Linux). The CWE-125 (Out-of-bounds Read) class typically arises when GPU command or shader processing fails to validate buffer indices or sizes derived from web-supplied content, allowing memory adjacent to a legitimate allocation to be accessed. Because ANGLE runs inside the Chrome GPU process, OOB issues here can leak sensitive process memory or, when chained with adjacent corruption primitives, contribute to sandbox-aware exploitation.
RemediationAI
Vendor-released patch: Google Chrome 149.0.7827.53 - upgrade Chrome Stable to 149.0.7827.53 or later via the built-in updater or enterprise deployment tooling, then restart the browser to load the fixed binaries; the advisory is published at https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop.html and the underlying bug is tracked at https://issues.chromium.org/issues/503392431. Administrators of Chromium-based browsers (Edge, Brave, Opera, Vivaldi) should monitor their vendors' channels and apply the corresponding ANGLE update. If patching must be deferred, compensating controls include disabling hardware-accelerated WebGL via the chrome://flags 'Override software rendering list' / 'WebGL' settings or the DisableWebGL/Hardware acceleration enterprise policies - this blocks the ANGLE code path most likely to reach the bug but will break legitimate WebGL/Canvas-accelerated sites and degrade graphics performance for video and maps. Strict URL allowlisting via SafeSites or web proxy filtering reduces exposure to crafted hostile pages at the cost of operational overhead.
Same weakness CWE-125 – Out-of-bounds Read
View allSame technique Information Disclosure
View allVendor StatusVendor
SUSE
Severity: Important| Product | Status |
|---|---|
| SUSE Package Hub 15 SP7 | Fixed |
| openSUSE Leap 16.0 | Fixed |
| openSUSE Tumbleweed | Fixed |
| SUSE Package Hub 15 SP7 | Affected |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-34652
GHSA-r79w-gpv4-pww2