Description
Insufficient validation of untrusted input in WebGL in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Published: 2026-05-28
Score: 8.3 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Google Chrome’s WebGL implementation had insufficient validation of untrusted input, which could allow a remote attacker who had gained control of the renderer process to trigger a sandbox escape through a crafted HTML page. This flaw, classified as CWE‑20 and CWE‑1173, enables an attacker to break out of the renderer’s sandbox and potentially execute arbitrary code with elevated privileges, compromising confidentiality, integrity, and availability. The Chromium team rated the severity of this issue as Critical.

Affected Systems

Google Chrome browsers running versions earlier than 148.0.7778.216 were affected. All operating systems that ship with these older Chrome builds are at risk until the upgrade to 148.0.7778.216 or later is performed.

Risk and Exploitability

The vulnerability is marked Critical and has a CVSS score of 8.3; its EPSS score is 0.00043 (approximately 0.043%), indicating a low probability of exploitation. Because the flaw requires a compromised renderer process and a maliciously constructed HTML page, the attack vector is remote. The lack of a current CISA KEV listing does not diminish the threat; the ability to escape the browser sandbox poses a high risk if an attacker can host or embed malicious content accessed by a user running the vulnerable Chrome version.

Generated by OpenCVE AI on May 29, 2026 at 18:05 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Google Chrome to the latest stable release (148.0.7778.216 or newer) to apply the fixed WebGL validation code.
  • If an update cannot be applied immediately, temporarily disable WebGL by setting the “WebGL” flag to disabled in chrome://flags or using a browser extension that blocks WebGL functionality.
  • Continue to monitor Google Chrome security announcements and apply future patches as they become available.

Generated by OpenCVE AI on May 29, 2026 at 18:05 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 29 May 2026 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows
CPEs cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 29 May 2026 16:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H'}

 cvssV3_1

{'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H'}

Fri, 29 May 2026 12:15:00 +0000

Type Values Removed Values Added
Title Chrome WebGL Input Validation Leading to Sandbox Escape chromium-browser: Insufficient validation of untrusted input in WebGL
Weaknesses CWE-1173
References
Metrics threat_severity

None

 cvssV3_1

{'score': 8.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H'}

threat_severity

Critical

Fri, 29 May 2026 03:45:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Fri, 29 May 2026 00:15:00 +0000

Type Values Removed Values Added
Title Chrome WebGL Input Validation Leading to Sandbox Escape

Thu, 28 May 2026 22:45:00 +0000

Type Values Removed Values Added
Description Insufficient validation of untrusted input in WebGL in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Weaknesses CWE-20
References

Subscriptions

Apple Macos
Google Chrome
Linux Linux Kernel
Microsoft Windows
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-29T15:52:59.397Z

Reserved: 2026-05-28T17:24:42.260Z

Link: CVE-2026-9880

cve-icon Vulnrichment

Updated: 2026-05-29T15:52:49.461Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-28T23:16:45.947

Modified: 2026-05-29T17:17:35.147

Link: CVE-2026-9880

cve-icon Redhat

Severity : Critical

Publid Date: 2026-05-27T00:00:00Z

Links: CVE-2026-9880 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-29T18:15:04Z

Weaknesses