CVE-2026-11202 - Vulnerability Details

- chromium-browser: chromium-browser: Insufficient validation of untrusted input in Chrome for iOS

Description

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Published: 2026-06-04

Score: 8.8 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability originates from an improper implementation in Chrome for iOS, where a crafted HTML page can trigger a sandbox escape. The flaw enables a remote attacker to cross the browser sandbox boundary, potentially executing code with higher privileges than intended and compromising the confidentiality, integrity, or availability of the device. The weakness is a classic input validation/escaping issue classified as CWE‑20.

Affected Systems

Affected vendor is Google, product Chrome for iOS, version prior to 149.0.7827.53. All Chrome for iOS releases earlier than that patch are vulnerable.

Risk and Exploitability

The flaw can be exploited remotely by delivering a crafted HTML page to the user, and the attack vector is a remote web-based vector. Although the EPSS score is < 1% and the CVE is not listed in the CISA KEV catalog, the high severity designation—reflected in a CVSS score of 8.8—indicates that the exploit is feasible with moderate effort. The low EPSS score suggests that large-scale exploitation is unlikely at present, yet the potential impact of sandbox escape warrants significant attention.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Google

Chrome

affected

Version	Status	Constraints
`149.0.7827.53`	affected	< 149.0.7827.53

Configuration 1 [-]

AND

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*

No data.

Vendor Product Confidence Versions

Google

Chrome

100%

Version	Status	Scheme	Platform
`[0,149.0.7827.53)`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Update Chrome for iOS to version 149.0.7827.53 or newer via the App Store
Remove any older Chrome installations to prevent accidental downgrade to a vulnerable build
If the device is managed, enforce a policy that blocks installation of older Chrome versions until the patch is deployed

Generated by OpenCVE AI on June 5, 2026 at 16:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Debian DSA	DSA-6325-1	chromium security update

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00234.

Exploitation none

Automatable no

Technical Impact total

References

Link	Providers
https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop.html
https://issues.chromium.org/issues/505144022
https://nvd.nist.gov/vuln/detail/CVE-2026-11202
https://www.cve.org/CVERecord?id=CVE-2026-11202

History

Tue, 09 Jun 2026 00:15:00 +0000

Type	Values Removed	Values Added
Title		chromium-browser: chromium-browser: Insufficient validation of untrusted input in Chrome for iOS
References		https://nvd.nist.gov/vuln/detail/CVE-2026-11202 https://www.cve.org/CVERecord?id=CVE-2026-11202
Metrics	threat_severity `None`	threat_severity `Moderate`

Sat, 06 Jun 2026 01:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Apple Apple iphone Os
CPEs		cpe:2.3:a:google:chrome:::::::: cpe:2.3:o:apple:iphone_os:-:::::::*
Vendors & Products		Apple Apple iphone Os

Fri, 05 Jun 2026 17:15:00 +0000

Type	Values Removed	Values Added
Title	Sandbox Escape via Crafted HTML in Chrome for iOS

Fri, 05 Jun 2026 15:30:00 +0000

Type	Values Removed	Values Added
Metrics		cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 05 Jun 2026 06:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Google Google chrome
Vendors & Products		Google Google chrome

Fri, 05 Jun 2026 04:00:00 +0000

Type	Values Removed	Values Added
Title		Sandbox Escape via Crafted HTML in Chrome for iOS

Thu, 04 Jun 2026 23:15:00 +0000

Type	Values Removed	Values Added
Description		Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
Weaknesses		CWE-20
References		https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/505144022

Subscriptions

Apple Iphone Os

Google Chrome

MITRE

Status: PUBLISHED

Assigner: Chrome

Published: 2026-06-04T23:05:42.299Z

Updated: 2026-06-05T14:41:13.830Z

Reserved: 2026-06-04T17:10:47.149Z

Link: CVE-2026-11202

Vulnrichment

Updated: 2026-06-05T14:41:09.675Z

NVD

Status : Analyzed

Published: 2026-06-04T23:17:27.380

Modified: 2026-06-06T01:36:17.373

Link: CVE-2026-11202

Redhat

Severity : Moderate

Publid Date: 2026-06-02T00:00:00Z

Links: CVE-2026-11202 - Bugzilla

OpenCVE Enrichment

Updated: 2026-06-05T17:00:16Z

Weaknesses

CWE-20
Improper Input Validation

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Exploitation none

Automatable no

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object