Description
Object lifecycle issue in Metrics in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Published: 2026-06-17
Score: 8.3 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An object lifecycle flaw in the Metrics component of Google Chrome allows a remote attacker who has already compromised the renderer process to escape the browser sandbox by serving a crafted HTML page. This type of vulnerability maps to CWE-20 and CWE-911, indicating that improper input validation or resource handling can lead to privilege escalation. If exploited, the attacker can gain higher privileges within the host system and potentially execute arbitrary code.

Affected Systems

The flaw is present in Google Chrome versions prior to 149.0.7827.155. Any systems running an older stable release of Chrome are susceptible until the security update that ships with 149.0.7827.155 or later is installed.

Risk and Exploitability

The EPSS score is reported as <1%, and the vulnerability is not listed in the CISA KEV catalog, suggesting limited widespread exploitation to date. The attack requires the attacker to compromise the renderer process first, which typically implies a foothold gained through malicious web content or a compromised user session. Once the renderer is compromised, the attacker can deliver crafted HTML that triggers the object lifecycle issue, leading to a sandbox escape. The CVSS score of 8.3 confirms a high severity rating, and the high severity rating issued by Chromium reflects the potential for remote code execution if the attacker proceeds beyond the initial escape.

Generated by OpenCVE AI on June 19, 2026 at 13:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Google Chrome to version 149.0.7827.155 or later to apply the fix for the Metrics object lifecycle flaw.
  • Ensure that Chrome auto‑updates are enabled so the latest security patches are delivered automatically.
  • If an upgrade cannot be applied immediately, restrict access to untrusted web content—use strict content‑security policies, block suspicious domains, and monitor for abnormal renderer activity.

Generated by OpenCVE AI on June 19, 2026 at 13:36 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6351-1 chromium security update
History

Fri, 19 Jun 2026 12:15:00 +0000

Type Values Removed Values Added
Title chromium-browser: chromium-browser: Insufficient validation of untrusted input in Metrics
Weaknesses CWE-911
References
Metrics threat_severity

None

threat_severity

Important


Thu, 18 Jun 2026 21:45:00 +0000

Type Values Removed Values Added
Title Chrome Renderer Compromise Enables Sandbox Escape

Thu, 18 Jun 2026 04:45:00 +0000

Type Values Removed Values Added
Title Chrome Renderer Compromise Enables Sandbox Escape
Metrics cvssV3_1

{'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 17 Jun 2026 09:15:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Wed, 17 Jun 2026 05:15:00 +0000

Type Values Removed Values Added
Description Object lifecycle issue in Metrics in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-20
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-06-18T03:55:29.946Z

Reserved: 2026-06-16T19:38:33.131Z

Link: CVE-2026-12465

cve-icon Vulnrichment

Updated: 2026-06-17T13:19:27.620Z

cve-icon NVD

No data.

cve-icon Redhat

Severity : Important

Publid Date: 2026-06-17T01:38:25Z

Links: CVE-2026-12465 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-19T13:45:05Z

Weaknesses
  • CWE-20

    Improper Input Validation

  • CWE-911

    Improper Update of Reference Count