Description
Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Published: 2026-05-06
Score: 8.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An out‑of‑bounds write vulnerability in the Media component of Google Chrome on macOS and iOS allows a remote attacker, after compromising the renderer process, to execute arbitrary code inside the sandbox. The flaw stems from insufficient bound checks on data used by the Media layer, resulting in a write beyond allocated memory. The attacker can supply a crafted HTML page to trigger the bug, potentially granting them covert control over the sandboxed environment.

Affected Systems

Google Chrome versions on macOS and iOS that are older than 148.0.7778.96 are affected. Users running the Chrome stable channel prior to this build must update to a newer release to remove the vulnerability.

Risk and Exploitability

The CVSS score of 8.8 indicates high severity, showing that exploitability requires the attacker to already compromise the renderer process. No EPSS data is provided, and the vulnerability is not listed in CISA’s KEV catalog, suggesting a lower current exploitation footprint. However, because the flaw enables code execution within the sandbox, the potential impact remains significant, and a remote attacker who achieves the initial compromise could leak information, perform persistent malicious actions, or pivot to higher‑privilege operations. Enterprise environments should consider that the lack of a listed KEV does not eliminate the threat if the vulnerability remains un‑patched.

Generated by OpenCVE AI on May 7, 2026 at 01:00 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Google Chrome to version 148.0.7778.96 or later on all affected macOS and iOS devices.
  • Enforce deployment policies that block installation or use of earlier Chrome releases that contain the vulnerability.
  • Monitor Chrome update channels and verify that all endpoints receive the latest security patches promptly.

Generated by OpenCVE AI on May 7, 2026 at 01:00 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 07 May 2026 01:15:00 +0000

Type Values Removed Values Added
Title Out-of-Bounds Write in Chrome Media Component Allows Remote Code Execution Within Sandbox

Wed, 06 May 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 06 May 2026 21:30:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Wed, 06 May 2026 18:30:00 +0000

Type Values Removed Values Added
Description Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Weaknesses CWE-787
References

Subscriptions

Google Chrome
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-07T03:56:18.561Z

Reserved: 2026-05-05T22:59:19.950Z

Link: CVE-2026-7957

cve-icon Vulnrichment

Updated: 2026-05-06T19:32:55.744Z

cve-icon NVD

Status : Undergoing Analysis

Published: 2026-05-06T19:16:44.160

Modified: 2026-05-06T22:16:36.647

Link: CVE-2026-7957

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-07T01:00:14Z

Weaknesses