Description
Out of bounds write in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Published: 2026-05-28
Score: 9.6 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An out‑of‑bounds write in the GPU component of Google Chrome for Android, present in versions before 148.0.7778.216, can be triggered by a crafted HTML page. The vulnerability allows an attacker to corrupt memory, potentially escaping the browser sandbox and executing arbitrary code on the device. The weakness is a memory corruption error (CWE‑787) and can compromise the confidentiality, integrity, and availability of the affected device.

Affected Systems

Google Chrome for Android on any device running a Chromium build older than 148.0.7778.216. The impact applies to all installations that have not yet upgraded to the patched version published in the May 2026 stable channel release.

Risk and Exploitability

Chromium rates the security severity as Critical. The CVSS score is 9.6, reflecting a very high risk. No EPSS score is available, and the vulnerability is not listed in CISA’s KEV catalog. The most likely attack vector is a malicious web page that the user visits, which triggers the GPU bug and leads to sandbox escape. Given the critical rating and the absence of a mitigation in older builds, the risk remains high until the browser is updated.

Generated by OpenCVE AI on May 29, 2026 at 13:47 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Chrome to version 148.0.7778.216 or later, which contains the GPU bug fix.
  • If an immediate update is not possible, disable hardware acceleration in Chrome – e.g., enable “Disable Hardware Acceleration” in Settings or launch Chrome with the --disable-gpu flag to eliminate the vulnerable code path.
  • Keep the device’s Android OS updated and monitor Google security advisories for additional patches or mitigations.

Advisories

No advisories yet.

History

Fri, 29 May 2026 16:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 29 May 2026 12:15:00 +0000

Type Values Removed Values Added
Title Out‑of‑Bounds Write in GPU Leading to Sandbox Escape in Google Chrome on Android chromium-browser: Out of bounds write in GPU
References
Metrics threat_severity

None

cvssV3_1

{'score': 9.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H'}

threat_severity

Critical


Fri, 29 May 2026 00:15:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Fri, 29 May 2026 00:00:00 +0000

Type Values Removed Values Added
Title Out‑of‑Bounds Write in GPU Leading to Sandbox Escape in Google Chrome on Android

Thu, 28 May 2026 22:45:00 +0000

Type Values Removed Values Added
Description Out of bounds write in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Weaknesses CWE-787
References

MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-29T15:31:34.807Z

Reserved: 2026-05-28T17:24:40.361Z

Link: CVE-2026-9872

Vulnrichment

Updated: 2026-05-29T15:31:31.505Z

NVD

Status: Undergoing Analysis

Published: 2026-05-28T23:16:45.140

Modified: 2026-05-29T16:16:33.380

Link: CVE-2026-9872

Red Hat

Severity: Critical

Public Date: 2026-05-27T00:00:00Z

Links: CVE-2026-9872 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-29T14:00:20Z

Weaknesses