Description
Insufficient validation of untrusted input in Dawn in Google Chrome on Linux and ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Published: 2026-06-08
Score: 8.3 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability originates from insufficient validation of untrusted input in the Dawn rendering engine used by Google Chrome on Linux and ChromeOS. An attacker who has already compromised the renderer process could serve a specially crafted HTML page that may allow the renderer to escape its sandbox, potentially leading to arbitrary code execution with elevated privileges. This reflects a failure to properly validate input (CWE‑20).

Affected Systems

Google Chrome versions prior to 149.0.7827.103 on Linux and ChromeOS devices are affected. All newer releases contain the fix. No other platforms or products are listed as impacted.

Risk and Exploitability

The flaw is rated as a high‑severity issue by Chromium Security, but the exploitability depends on an initial compromise of the renderer process, which is a non‑trivial prerequisite. The CVSS score is 8.3. The EPSS score is not available and the vulnerability is not currently listed in CISA’s KEV catalog. In practice, an attacker would need to execute code in the renderer context, then supply a crafted HTML page to trigger the sandbox escape. The lack of available public exploits and the high severity suggest that the risk to users of unpatched Chrome versions is significant, especially in environments where the renderer process is exposed to untrusted content.

Generated by OpenCVE AI on June 9, 2026 at 12:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Google Chrome to version 149.0.7827.103 or later on all affected Linux and ChromeOS systems.
  • If an update is not immediately possible, enforce stricter content security policies or use enterprise management to prevent untrusted HTML from being rendered in the browser.
  • Ensure Chrome’s auto‑update mechanism is enabled and monitor Google’s release notes for future patches.

Generated by OpenCVE AI on June 9, 2026 at 12:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 12:45:00 +0000

Type Values Removed Values Added
Title Untrusted Input Leads to Sandbox Escape in Chrome's Dawn Engine on Linux and ChromeOS

Tue, 09 Jun 2026 11:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 09 Jun 2026 02:00:00 +0000

Type Values Removed Values Added
Title Untrusted Input Leads to Sandbox Escape in Chrome's Dawn Engine on Linux and ChromeOS

Tue, 09 Jun 2026 01:00:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Mon, 08 Jun 2026 23:45:00 +0000

Type Values Removed Values Added
Description Insufficient validation of untrusted input in Dawn in Google Chrome on Linux and ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-20
References

Subscriptions

Google Chrome
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-06-10T03:58:16.817Z

Reserved: 2026-06-08T21:33:49.459Z

Link: CVE-2026-11676

cve-icon Vulnrichment

Updated: 2026-06-09T10:38:15.345Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-06-09T00:16:50.883

Modified: 2026-06-09T11:16:49.117

Link: CVE-2026-11676

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-09T12:30:04Z

Weaknesses