Description
Race in GPU in Google Chrome on Windows prior to 147.0.7727.117 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)
Published: 2026-04-23
Score: 8.3 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote sandbox escape via GPU race condition
Action: Patch Now
AI Analysis

Impact

The vulnerability is a race condition in the graphics processing unit handling within Google Chrome on Windows. A crafted video file can trigger the race, allowing a remote attacker to escape the browser sandbox and potentially execute arbitrary code at the host system level. The weakness is classified as CWE‑362 and CWE‑368 and can compromise confidentiality, integrity, and availability by granting the attacker unrestricted access to the operating system.

Affected Systems

Google Chrome on Windows, versions prior to 147.0.7727.117. The issue is limited to the Windows build of Chrome; no affected versions are listed for Android or Linux kernels in the current advisory.

Risk and Exploitability

The CVSS score of 8.3 indicates high severity, yet the EPSS score of less than 1% suggests a low probability of exploitation at this time. The vulnerability is not listed in CISA KEV. Exploitation would likely involve an attacker delivering a malicious video file to a user’s browser, a method that requires user interaction but can be piggybacked on phishing or drive‑by situations. Given the low EPSS, the risk remains moderate under current conditions, but the potential impact warrants timely action.

Generated by OpenCVE AI on April 29, 2026 at 02:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Google Chrome to version 147.0.7727.117 or newer.
  • If an immediate update is not possible, disable hardware acceleration through Chrome settings or the Windows Policy “DisableHardwareAcceleration”.
  • Monitor browser traffic for unusually large or suspicious video file downloads and block them as part of a broader security policy.

Generated by OpenCVE AI on April 29, 2026 at 02:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6230-1 chromium security update
History

Wed, 29 Apr 2026 00:15:00 +0000

Type Values Removed Values Added
Title GPU Race Condition Allowing Sandbox Escape in Chrome Google Chrome: Chromium: chromium-browser: Race in GPU
Weaknesses CWE-368
References
Metrics threat_severity

None

 threat_severity

Important

Tue, 28 Apr 2026 08:00:00 +0000

Type Values Removed Values Added
Title GPU Race Condition Allowing Sandbox Escape in Chrome

Fri, 24 Apr 2026 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google android
Google chrome
Linux
Linux linux Kernel
Microsoft
Microsoft windows
CPEs cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Google
Google android
Google chrome
Linux
Linux linux Kernel
Microsoft
Microsoft windows

Fri, 24 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

 ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 23 Apr 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

 cvssV3_1

{'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 23 Apr 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 23 Apr 2026 17:30:00 +0000

Type Values Removed Values Added
Description Race in GPU in Google Chrome on Windows prior to 147.0.7727.117 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)
Weaknesses CWE-362
References

Subscriptions

Google Android Chrome
Linux Linux Kernel
Microsoft Windows
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-04-24T13:38:08.991Z

Reserved: 2026-04-23T16:11:31.076Z

Link: CVE-2026-6921

cve-icon Vulnrichment

Updated: 2026-04-23T17:34:17.239Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-23T18:16:30.790

Modified: 2026-04-24T16:39:30.307

Link: CVE-2026-6921

cve-icon Redhat

Severity : Important

Publid Date: 2026-04-23T16:12:24Z

Links: CVE-2026-6921 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-29T02:30:07Z

Weaknesses