Skip to main content

Google Chrome EUVDEUVD-2026-41156

| CVE-2026-14427 HIGH
Heap-based Buffer Overflow (CWE-122)
2026-07-01 Chrome GHSA-5j96-jmxf-j97q
8.3
CVSS 3.1 · Vendor: Chrome
Share

Severity by source

Vendor (Chrome) PRIMARY
8.3 HIGH
AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
vuln.today AI
8.0 HIGH

Requires prior renderer compromise (PR:L) and reliable heap grooming (AC:H) plus loading a crafted page (UI:R); sandbox escape crosses a trust boundary (S:C) with total host impact.

3.1 AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
4.0 AV:N/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
SUSE
HIGH
qualitative

Primary rating from Vendor (Chrome).

CVSS VectorVendor: Chrome

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
Jul 02, 2026 - 01:20 vuln.today
CVSS changed
Jul 02, 2026 - 00:22 NVD
8.3 (HIGH)
CVE Published
Jul 01, 2026 - 22:21 cve.org
UNKNOWN (no severity yet)
CVE Published
Jul 01, 2026 - 22:21 cve.org
HIGH 8.3

DescriptionCVE.org

Heap buffer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

AnalysisAI

Sandbox escape in Google Chrome desktop before 150.0.7871.46 is possible through a heap buffer overflow in the Skia graphics library, letting an attacker who has already compromised the renderer process break out of the sandbox via a crafted HTML page. Rated Critical by Chromium and CVSS 8.3, it is a second-stage bug: it presumes prior renderer code execution rather than granting initial access on its own. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Compromise Chrome renderer via prior bug
Delivery
Serve crafted HTML page
Exploit
Trigger Skia heap buffer overflow
Execution
Corrupt heap across sandbox boundary
Persist
Escape renderer sandbox
Impact
Execute code at higher privilege

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to have ALREADY compromised Chrome's renderer process (typically via a separate prior bug), after which a crafted HTML page rendered through Skia triggers the heap overflow to escape the sandbox. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals are mixed and should be weighed carefully rather than driven by the raw 8.3. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker first exploits a separate renderer vulnerability to run code inside Chrome's sandboxed renderer, then lures the same session to a crafted HTML page that triggers the Skia heap overflow, corrupting memory to escape the sandbox and gain higher-privileged code execution on the host. Because exploitation requires prior renderer compromise, high complexity, and the victim loading attacker content, it is realistic only as the second stage of a targeted exploit chain. …
Remediation Vendor-released patch: update Google Chrome to 150.0.7871.46 or later on all desktop platforms, then fully restart the browser so the new build loads (per the Chrome Stable channel advisory at https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify and audit all Chrome instances across the organization and assess user segments with elevated privileges. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Important
Product Status
SUSE Package Hub 15 SP7 Fixed
openSUSE Tumbleweed Fixed
SUSE Package Hub 15 SP7 Affected

Share

EUVD-2026-41156 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy