Description
Integer overflow in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Published: 2026-06-04
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an integer overflow in the Blink rendering engine. A crafted HTML page can trigger the overflow, allowing a remote attacker to execute arbitrary code inside Chrome’s sandbox. The flaw is identified as both CWE‑190 and CWE‑472, which describe integer overflow leading to unexpected behavior and wraparound risks. The impact is the ability to subvert the sandbox protection and run code with the privileges of the browser process, potentially compromising user data and system integrity.

Affected Systems

Affected systems are users of Google Chrome prior to version 149.0.7827.53, including any release channel that has not yet received the update. Only Chrome on that version baseline is impacted; newer releases contain the fix.

Risk and Exploitability

The CVSS score of 8.8 indicates a high severity. The EPSS score is < 1%, suggesting a very low but nonzero exploitation probability. The CVE is not listed in the CISA KEV catalog, meaning no confirmed widespread exploitation. The likely attack vector is a remote attacker delivering a malicious HTML payload, such as hosting the page on a website or sending via email, which when rendered in Chrome triggers the overflow. Because the vulnerability can be triggered via a standard web page, normal browsing activities could lead to exploitation without additional user action, making it a significant threat to any system running the affected Chrome version.

Generated by OpenCVE AI on June 7, 2026 at 15:59 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the Chrome stable channel update that bumps versions to 149.0.7827.53 or later, which contains the Blink integer overflow fix.
  • While waiting for the patch, avoid loading untrusted HTML content or browsing suspicious sites that might host malicious pages.
  • Keep abreast of Chrome security releases and verify that all endpoints are running the fixed version.

Generated by OpenCVE AI on June 7, 2026 at 15:59 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6325-1 chromium security update
History

Sun, 07 Jun 2026 12:15:00 +0000

Type Values Removed Values Added
Title Integer Overflow in Blink Enables Sandbox Escape via Crafted HTML Page chromium-browser: Integer overflow in Blink
Weaknesses CWE-190
References
Metrics threat_severity

None

 threat_severity

Moderate

Fri, 05 Jun 2026 21:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows
CPEs cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows

Fri, 05 Jun 2026 06:45:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Fri, 05 Jun 2026 04:15:00 +0000

Type Values Removed Values Added
Title Integer Overflow in Blink Enables Sandbox Escape via Crafted HTML Page

Fri, 05 Jun 2026 01:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 04 Jun 2026 23:15:00 +0000

Type Values Removed Values Added
Description Integer overflow in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Weaknesses CWE-472
References

Subscriptions

Apple Macos
Google Chrome
Linux Linux Kernel
Microsoft Windows
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-06-06T03:56:16.735Z

Reserved: 2026-06-04T17:10:37.073Z

Link: CVE-2026-11171

cve-icon Vulnrichment

Updated: 2026-06-05T00:18:03.295Z

cve-icon NVD

Status : Analyzed

Published: 2026-06-04T23:17:23.847

Modified: 2026-06-05T20:45:30.503

Link: CVE-2026-11171

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-02T00:00:00Z

Links: CVE-2026-11171 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-07T16:00:04Z

Weaknesses
  • CWE-190

    Integer Overflow or Wraparound

  • CWE-472

    External Control of Assumed-Immutable Web Parameter