An out‑of‑bounds write vulnerability in the Media component of Google Chrome on macOS and iOS allows a remote attacker, after compromising the renderer process, to execute arbitrary code inside the sandbox. The flaw stems from insufficient bound checks on data used by the Media layer, resulting in a write beyond allocated memory. The attacker can supply a crafted HTML page to trigger the bug, potentially granting them covert control over the sandboxed environment.

Google Chrome versions on macOS and iOS that are older than 148.0.7778.96 are affected. Users running the Chrome stable channel prior to this build must update to a newer release to remove the vulnerability.

The CVSS score of 8.8 indicates high severity, showing that exploitability requires the attacker to already compromise the renderer process. No EPSS data is provided, and the vulnerability is not listed in CISA’s KEV catalog, suggesting a lower current exploitation footprint. However, because the flaw enables code execution within the sandbox, the potential impact remains significant, and a remote attacker who achieves the initial compromise could leak information, perform persistent malicious actions, or pivot to higher‑privilege operations. Enterprise environments should consider that the lack of a listed KEV does not eliminate the threat if the vulnerability remains un‑patched.