Skip to main content

Google Chrome EUVDEUVD-2026-34760

| CVE-2026-11299 MEDIUM
Out-of-bounds Read (CWE-125)
2026-06-05 chrome-cve-admin@google.com GHSA-xx2v-hw92-qxmx
6.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
SUSE
MEDIUM
qualitative
Red Hat
4.3 LOW
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

4
Analysis Generated
Jun 05, 2026 - 16:38 vuln.today
CVSS changed
Jun 05, 2026 - 16:22 NVD
6.5 (None) 6.5 (MEDIUM)
CVE Published
Jun 05, 2026 - 00:17 nvd
UNKNOWN (no severity yet)
CVE Published
Jun 05, 2026 - 00:17 nvd
MEDIUM 6.5

DescriptionCVE.org

Integer overflow in Fonts in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)

AnalysisAI

Integer overflow in Google Chrome's Fonts component (versions prior to 149.0.7827.53) enables remote attackers to read out-of-bounds process memory, potentially leaking sensitive in-memory data such as credentials or tokens. Exploitation is constrained by a mandatory user-interaction requirement - a victim must visit a specially crafted HTML page - and Chromium's own severity rating of Low tempers urgency relative to the NVD CVSS Medium score. No public exploit identified at time of analysis, and EPSS stands at 0.03% (11th percentile), indicating very low near-term exploitation probability.

Technical ContextAI

The vulnerability resides in Chrome's Fonts rendering subsystem, where an integer overflow in font-data processing logic produces an out-of-bounds read condition classified under CWE-125. Integer overflows in font parsers are a well-documented browser attack surface: font structures carry large dimension, offset, or length fields that, when arithmetic is performed without adequate bounds checks, can silently wrap around and cause subsequent read operations to access memory well outside the intended buffer. The EUVD entry (EUVD-2026-34760) identifies the affected product range as Google Chrome desktop builds prior to version 149.0.7827.53. A minor classification discrepancy exists between the CVE description - which names 'integer overflow' as the root cause - and the assigned CWE-125 (Out-of-bounds Read), which identifies the downstream consequence; this pairing is consistent with an integer overflow that silently corrupts an index or length value and causes a subsequent read to escape the intended allocation.

RemediationAI

Vendor-released patch: Google Chrome 149.0.7827.53. Users should update immediately via the browser's built-in mechanism (Settings → Help → About Google Chrome triggers an update check and restart) or through enterprise deployment tooling such as Google Admin console or Microsoft Intune. The authoritative vendor release notes are at https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop.html. Given the low EPSS score, Chromium Low severity rating, and SSVC deferred posture, this patch can be applied through a normal scheduled update cycle rather than an emergency out-of-band deployment. As a compensating control prior to patching in restricted enterprise environments, web content filtering policies that block navigation to untrusted or uncategorized domains will reduce exposure to attacker-hosted pages, though this carries usability trade-offs and does not address compromise of legitimate-but-hijacked sites.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
openSUSE Tumbleweed Fixed

Share

EUVD-2026-34760 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy