CVE-2026-8558 - Vulnerability Details

- chromium-browser: chromium-browser: Out of bounds write in Fonts

Description

Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Published: 2026-05-14

Score: 8.8 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability is an out‑of‑bounds write in the font rendering engine of Google Chrome. A malicious HTML page can trigger the flaw to cause the browser to overwrite memory while parsing fonts, potentially allowing an attacker to run arbitrary code inside the sandbox. The issue is classified as CWE‑787 and was given a high severity rating by Chromium.

Affected Systems

The flaw exists in all Google Chrome desktop builds released before version 148.0.7778.168. Users running any earlier stable channel build are susceptible, regardless of operating system. The problem is limited to Chrome and does not affect other browser vendors.

Risk and Exploitability

A remote attacker can exercise the vulnerability by serving a crafted HTML page that the victim visits. No additional privileges or user interaction beyond loading the page are required. The CVSS score of 8.8 indicates high severity; the EPSS score of 0.00038 indicates a very low but non‑zero probability of exploitation, and the flaw is not yet in the CISA KEV catalog, but the attack vector is clearly remote.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Google

Chrome

affected

Version	Status	Constraints
`148.0.7778.168`	affected	< 148.0.7778.168

No data.

Vendor Product Confidence Versions

Google

Chrome

100%

Version	Status	Scheme	Platform
`[148.0.7778.168,148.0.7778.168)`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade Chrome to version 148.0.7778.168 or later. This update resolves the font rendering out‑of‑bounds write flaw.
Deploy the update through enterprise policy for managed environments to ensure all devices receive the patch promptly.
Continuously monitor vendor advisories and security mailing lists for any new updates or additional mitigations related to this flaw.

Generated by OpenCVE AI on May 15, 2026 at 15:07 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Debian DSA	DSA-6273-1	chromium security update

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0008.

Exploitation none

Automatable no

Technical Impact total

References

Link	Providers
https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html
https://issues.chromium.org/issues/503425922
https://nvd.nist.gov/vuln/detail/CVE-2026-8558
https://www.cve.org/CVERecord?id=CVE-2026-8558

History

Fri, 15 May 2026 12:15:00 +0000

Type	Values Removed	Values Added
Title	Out‑of‑Bounds Write in Chrome Fonts Enables Remote Code Execution	chromium-browser: chromium-browser: Out of bounds write in Fonts
References		https://nvd.nist.gov/vuln/detail/CVE-2026-8558 https://www.cve.org/CVERecord?id=CVE-2026-8558
Metrics	threat_severity `None`	cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}` threat_severity `Important`

Fri, 15 May 2026 11:30:00 +0000

Type	Values Removed	Values Added
Metrics	cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}`

Fri, 15 May 2026 10:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Thu, 14 May 2026 23:45:00 +0000

Type	Values Removed	Values Added
Title		Out‑of‑Bounds Write in Chrome Fonts Enables Remote Code Execution

Thu, 14 May 2026 23:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Google Google chrome
Vendors & Products		Google Google chrome

Thu, 14 May 2026 22:30:00 +0000

Type	Values Removed	Values Added
Metrics		cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}`

Thu, 14 May 2026 20:15:00 +0000

Type	Values Removed	Values Added
Description		Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Weaknesses		CWE-787
References		https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html https://issues.chromium.org/issues/503425922

Subscriptions

Google Chrome

MITRE

Status: PUBLISHED

Assigner: Chrome

Published: 2026-05-14T19:52:16.369Z

Updated: 2026-05-15T20:03:45.688Z

Reserved: 2026-05-14T05:40:21.756Z

Link: CVE-2026-8558

Vulnrichment

Updated: 2026-05-14T21:40:52.978Z

NVD

Status : Undergoing Analysis

Published: 2026-05-14T20:17:17.773

Modified: 2026-05-15T21:16:39.133

Link: CVE-2026-8558

Redhat

Severity : Important

Publid Date: 2026-05-14T19:52:16Z

Links: CVE-2026-8558 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-15T15:15:46Z

Weaknesses

CWE-787

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Exploitation none

Automatable no

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object