Description
Inappropriate implementation in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Published: 2026-05-28
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An inappropriate implementation in Skia, the graphics library used by Google Chrome on Android, permits a remote attacker who has already compromised the renderer process to escape the browser’s sandbox. By serving a crafted HTML page the attacker can potentially execute arbitrary code with higher privileges, jeopardizing the confidentiality, integrity, and availability of the device. Chromium security staff have rated the flaw as Critical.

Affected Systems

The vulnerability affects Google Chrome on Android devices running versions prior to 148.0.7778.216. Any installation of Chrome that has a renderer component older than this build is susceptible.

Risk and Exploitability

The EPSS score is not available and the vulnerability is not listed in CISA KEV, yet the CVSS base score of 8.7 indicates a high severity. Exploitation requires the attacker to already control the renderer process, typically through a malicious web page or phishing attack that loads crafted content. Once that condition is met, the Skia bug can be triggered to escape the sandbox, giving the attacker significant escape capabilities.

Generated by OpenCVE AI on May 29, 2026 at 14:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Chrome to version 148.0.7778.216 or later to obtain the Skia patch
  • Enforce Chrome policies that restrict renderer permissions and block execution of untrusted extensions or content
  • Adopt regular Chrome update procedures to ensure all users receive the latest security fixes

Generated by OpenCVE AI on May 29, 2026 at 14:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 29 May 2026 14:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200
CWE-732

Fri, 29 May 2026 12:15:00 +0000

Type Values Removed Values Added
Title Sandbox Escape via Skia in Android Chrome chromium-browser: Inappropriate implementation in Skia
Weaknesses CWE-807
References
Metrics threat_severity

None

 cvssV3_1

{'score': 8.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N'}

threat_severity

Critical

Fri, 29 May 2026 00:00:00 +0000

Type Values Removed Values Added
Title Sandbox Escape via Skia in Android Chrome
First Time appeared Google
Google chrome
Weaknesses CWE-200
CWE-732
Vendors & Products Google
Google chrome

Thu, 28 May 2026 22:45:00 +0000

Type Values Removed Values Added
Description Inappropriate implementation in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
References

Subscriptions

Google Chrome
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-28T22:25:14.810Z

Reserved: 2026-05-28T17:24:44.897Z

Link: CVE-2026-9892

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-28T23:16:47.187

Modified: 2026-05-29T02:35:42.620

Link: CVE-2026-9892

cve-icon Redhat

Severity : Critical

Publid Date: 2026-05-27T00:00:00Z

Links: CVE-2026-9892 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-29T14:30:37Z

Weaknesses