Description
A vulnerability flaw was found in the WebRTC component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=498841456
Published: n/a
Score: 6.5 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in the WebRTC component of Chromium and can be triggered by crafted media packets. An attacker may force the browser to crash or become unresponsive, disrupting user sessions and potentially leading to workflow interruptions. This flaw falls under a buffer or memory safety weakness that compromises the integrity of the application.

Affected Systems

All users of the Chromium browser are potentially impacted, as specific version numbers are not listed in the advisory. The lack of version information suggests that any current release could be vulnerable until an official update is issued. Environments that rely on Chromium for secure communication should verify that their installed version is up to date or plan to upgrade.

Risk and Exploitability

The CVSS score of 6.5 indicates a moderate level of risk, while no EPSS data is available, making precise exploitation likelihood hard to assess. The flaw is not listed in the CISA KEV catalog. Likely remote exploitation would involve delivering malicious WebRTC traffic to an affected browser over public or private networks. Because WebRTC exchanges media via UDP, an attacker could target a reachable user without needing privileged access.

Generated by OpenCVE AI on June 9, 2026 at 01:29 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Chromium to the latest stable release as announced by Google.
  • If an immediate update is not possible, disable WebRTC in the browser settings or via enterprise policy to block media stream processing.
  • Continue to monitor Google’s Chromium blog and security advisories for patches and apply them promptly.

Generated by OpenCVE AI on June 9, 2026 at 01:29 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6325-1 chromium security update
History

Tue, 09 Jun 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Chromium
Chromium browser
Vendors & Products Chromium
Chromium browser

Tue, 09 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Description A vulnerability flaw was found in the WebRTC component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=498841456
Title chromium-browser: chromium-browser: VULNERABILITY in WebRTC
References
Metrics threat_severity

None

 cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N'}

threat_severity

Moderate

Subscriptions

Chromium Browser
cve-icon MITRE

No data.

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-02T00:00:00Z

Links: CVE-2026-11053 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-09T09:00:55Z

Weaknesses

No weakness.