Description
Insufficient validation of untrusted input in Dawn in Google Chrome on Linux and ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Published: 2026-06-08
Score: 8.3 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability originates from insufficient validation of untrusted input in the Dawn rendering engine used by Google Chrome on Linux and ChromeOS. An attacker who has already compromised the renderer process could serve a specially crafted HTML page that may allow the renderer to escape its sandbox, potentially leading to arbitrary code execution with elevated privileges. This reflects a failure to properly validate input (CWE-20, CWE-1286).

Affected Systems

Google Chrome versions prior to 149.0.7827.103 on Linux and ChromeOS devices are affected. All newer releases contain the fix. No other platforms or products are listed as impacted.

Risk and Exploitability

The flaw is rated as a high‑severity issue by Chromium Security, but the exploitability depends on an initial compromise of the renderer process, which is a non‑trivial prerequisite. The CVSS score is 8.3. The EPSS score is < 1%, indicating a very low exploitation probability, and the vulnerability is not currently listed in CISA’s KEV catalog. In practice, an attacker would need to execute code in the renderer context, then supply a crafted HTML page to trigger the sandbox escape. The lack of available public exploits and the high severity suggest that the risk to users of unpatched Chrome versions is significant, especially in environments where the renderer process is exposed to untrusted content.

Generated by OpenCVE AI on June 11, 2026 at 02:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Google Chrome to version 149.0.7827.103 or later on all affected Linux and ChromeOS systems. This patch addresses the issues related to CWE‑20 and CWE‑1286.
  • Implement strict content security policies that validate and sanitize untrusted HTML input, mitigating the input‑validation weaknesses identified by CWE‑20.
  • Use enterprise management or group policies to restrict the rendering of third‑party content or to isolate sandboxed contexts, reducing the impact should a renderer process be compromised.
  • Continuously monitor Google’s release notes and security bulletins for further updates and apply them promptly.

Generated by OpenCVE AI on June 11, 2026 at 02:37 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6337-1 chromium security update
History

Thu, 11 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Title Chromium Dawn Engine Allows Renderer Sandbox Escape via Unvalidated HTML Input chromium-browser: Insufficient validation of untrusted input in Dawn
Weaknesses CWE-1286
References
Metrics threat_severity

None

 threat_severity

Important

Wed, 10 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Title Chromium Dawn Engine Allows Renderer Sandbox Escape via Unvalidated HTML Input

Wed, 10 Jun 2026 15:45:00 +0000

Type Values Removed Values Added
First Time appeared Google chrome Os
Linux
Linux linux Kernel
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Vendors & Products Google chrome Os
Linux
Linux linux Kernel

Tue, 09 Jun 2026 12:45:00 +0000

Type Values Removed Values Added
Title Untrusted Input Leads to Sandbox Escape in Chrome's Dawn Engine on Linux and ChromeOS

Tue, 09 Jun 2026 11:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 09 Jun 2026 02:00:00 +0000

Type Values Removed Values Added
Title Untrusted Input Leads to Sandbox Escape in Chrome's Dawn Engine on Linux and ChromeOS

Tue, 09 Jun 2026 01:00:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Mon, 08 Jun 2026 23:45:00 +0000

Type Values Removed Values Added
Description Insufficient validation of untrusted input in Dawn in Google Chrome on Linux and ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-20
References

Subscriptions

Google Chrome Chrome Os
Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-06-10T03:58:16.817Z

Reserved: 2026-06-08T21:33:49.459Z

Link: CVE-2026-11676

cve-icon Vulnrichment

Updated: 2026-06-09T10:38:15.345Z

cve-icon NVD

Status : Analyzed

Published: 2026-06-09T00:16:50.883

Modified: 2026-06-10T15:32:52.960

Link: CVE-2026-11676

cve-icon Redhat

Severity : Important

Publid Date: 2026-06-08T00:00:00Z

Links: CVE-2026-11676 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-11T02:45:03Z

Weaknesses