Impact
The vulnerability is insufficient policy enforcement in the Chrome sandbox on macOS. An renderer process could craft an HTML page to escape the sandbox, enabling arbitrary code execution or privilege escalation. The weakness is a sandbox escape that may expose local resources.
Affected Systems
Google Chrome browsers for macOS running versions older than 150.0.7871.47 are impacted; newer releases contain the fix.
Risk and Exploitability
EPSS data is not available. The risk is limited to situations where an attacker has already gained renderer process compromise; no direct remote exploitation is indicated. The vulnerability is not listed in CISA's KEV catalog, indicating no known large-scale exploitation yet.
OpenCVE Enrichment