Skip to main content

Google Chrome EUVDEUVD-2026-34695

| CVE-2026-11234 MEDIUM
Protection Mechanism Failure (CWE-693)
2026-06-04 chrome-cve-admin@google.com GHSA-pm3c-hfh2-87gg
4.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.3 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
SUSE
MEDIUM
qualitative
Red Hat
6.8 LOW
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

4
Analysis Generated
Jun 05, 2026 - 14:24 vuln.today
CVSS changed
Jun 05, 2026 - 14:22 NVD
4.3 (None) 4.3 (MEDIUM)
CVE Published
Jun 04, 2026 - 23:17 nvd
UNKNOWN (no severity yet)
CVE Published
Jun 04, 2026 - 23:17 nvd
MEDIUM 4.3

DescriptionCVE.org

Inappropriate implementation in FoldableAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: Low)

AnalysisAI

Site isolation bypass in Google Chrome's FoldableAPIs component allows a remote attacker who has already compromised the renderer process to cross origin boundaries via a crafted HTML page. Affected versions are all Chrome releases prior to 149.0.7827.53. The vulnerability carries a CVSS 4.3 score, an EPSS of 0.02% (4th percentile), is not listed in CISA KEV, and no public exploit has been identified - consistent with Chromium's own 'Low' severity rating. A vendor-released patch (149.0.7827.53) is available.

Technical ContextAI

FoldableAPIs is a Chrome renderer-side feature set designed to expose device-posture and screen-fold information to web content, enabling responsive layouts on foldable devices. An inappropriate implementation in this subsystem maps to CWE-693 (Protection Mechanism Failure), meaning a security control - here, Chrome's Site Isolation architecture, which confines each origin's renderer to a dedicated process - is circumvented rather than directly broken. Because site isolation is Chrome's primary defense against Spectre-class cross-origin data leakage and cross-site scripting escalation, a bypass undermines a critical sandbox boundary. The CVSS vector S:U (unchanged scope) and C:L (low confidentiality impact) suggest the practical data exposure is constrained, which aligns with the Low Chromium severity designation. The affected version range is Google Chrome < 149.0.7827.53 as confirmed by the ENISA EUVD entry EUVD-2026-34695 and the Google Chrome Releases advisory.

RemediationAI

Upgrade Google Chrome to version 149.0.7827.53 or later - this is the vendor-released patch confirmed via the official Chrome Releases advisory at chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop.html. Chrome's automatic update mechanism should handle delivery for most users; enterprise administrators managing Chrome deployments via policy should push the 149.0.7827.53 update through their management console. Because exploitation requires a prior renderer compromise, organizations unable to patch immediately should prioritize disabling or restricting use of experimental foldable-device APIs via enterprise policies if such controls are available, though this workaround would only reduce the attack surface if FoldableAPIs exposure can be isolated. No workaround fully eliminates the risk of a chained renderer-plus-isolation-bypass exploit chain; patching remains the only confirmed remediation.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
openSUSE Tumbleweed Fixed

Share

EUVD-2026-34695 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy