Description
Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. (Chromium security severity: High)
Published: 2026-05-14
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability originates in the Media module of Google Chrome’s renderer process. When a JPEG file is parsed, an out‑of‑bounds read can occur, allowing a remote attacker who has already compromised the renderer to read arbitrary process memory and potentially leak sensitive data. This is a classic memory safety failure classified as CWE‑125 and results in confidentiality impact rather than code execution or denial of service.

Affected Systems

Google Chrome running on Linux and ChromeOS platforms is affected for all releases prior to 148.0.7778.168. The stable channel update released on 12 May 2026 removes the bug. Users on older versions of the browser are at risk if they open maliciously crafted JPEG files.

Risk and Exploitability

The CVSS score is 5.3, while the advisory labels the vulnerability as High severity. EPSS information is unavailable, so the current exploitation likelihood is unknown. The flaw is exploitable only if the attacker has already breached the renderer process; thus local privilege escalation or code execution in the renderer is a prerequisite. Because the vulnerability is not listed in the CISA KEV catalog and no widespread exploitation data exists, the attack vector is inferred to be a remote file‑based attack requiring pre‑existing renderer compromise.

Generated by OpenCVE AI on May 14, 2026 at 23:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply Chrome version 148.0.7778.168 or later from the official update channels; this patch eliminates the out‑of‑bounds read in JPEG parsing.
  • Until the update can be installed, avoid opening JPEG files from untrusted sources or disable automatic rendering of JPEG images in the browser settings to reduce the attack surface.
  • Maintain the renderer sandbox and default security restrictions so that compromised renderer processes cannot access sensitive memory outside the bounds of the media module; this is a generic best practice to limit the impact of such memory‑safety bugs.

Generated by OpenCVE AI on May 14, 2026 at 23:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6273-1 chromium security update
History

Fri, 15 May 2026 12:15:00 +0000

Type Values Removed Values Added
Title chromium-browser: chromium-browser: Out of bounds read in Media
References
Metrics threat_severity

None

 threat_severity

Important

Thu, 14 May 2026 23:45:00 +0000

Type Values Removed Values Added
Title Out‑of‑Bounds Read in JPEG Parsing Enables Remote Information Disclosure on Linux and ChromeOS

Thu, 14 May 2026 22:45:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Thu, 14 May 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 14 May 2026 22:00:00 +0000

Type Values Removed Values Added
Title Out‑of‑Bounds Read in JPEG Parsing Enables Remote Information Disclosure on Linux and ChromeOS

Thu, 14 May 2026 20:15:00 +0000

Type Values Removed Values Added
Description Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. (Chromium security severity: High)
Weaknesses CWE-125
References

Subscriptions

Google Chrome
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-14T21:31:23.360Z

Reserved: 2026-05-14T05:40:16.534Z

Link: CVE-2026-8535

cve-icon Vulnrichment

Updated: 2026-05-14T21:31:12.201Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-14T20:17:14.350

Modified: 2026-05-14T22:16:47.700

Link: CVE-2026-8535

cve-icon Redhat

Severity : Important

Publid Date: 2026-05-14T19:52:20Z

Links: CVE-2026-8535 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-14T23:30:31Z

Weaknesses