Description
Out of bounds read in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Published: 2026-05-28
Score: 8.3 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an out‑of‑bounds read in the GPU component of Google Chrome that can be triggered when a renderer process is already compromised. If the attacker can supply a crafted HTML page, the read may allow the renderer to escape its sandbox and gain higher privileges on the host. This could lead to arbitrary code execution or other elevated‑privilege attacks while the user remains unaware.

Affected Systems

Google Chrome versions prior to 148.0.7778.216 are vulnerable. The affected component is the GPU subsystem of the Chrome browser on all platforms that include the renderer process.

Risk and Exploitability

The CVSS score is 8.2, indicating a high severity vulnerability. No EPSS score is available, so publicly known exploitation probability is uncertain. The vulnerability is not listed in CISA’s KEV catalog. Attackers would need to compromise the renderer process, which is typically sandboxed, and then serve a malicious webpage to trigger the exploit. While the attack surface is reduced, the potential impact of sandbox escape makes it a high‑risk flaw for users running vulnerable Chrome versions.

Generated by OpenCVE AI on May 29, 2026 at 13:41 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install Chrome version 148.0.7778.216 or newer.
  • Ensure automatic updates are enabled so future security patches are applied promptly.
  • Avoid browsing untrusted or unfamiliar sites and maintain comprehensive site isolation and sandboxing settings.

Generated by OpenCVE AI on May 29, 2026 at 13:41 UTC.


Advisories

No advisories yet.

History

Fri, 29 May 2026 16:30:00 +0000

Metrics
  Removed: cvssV3_1 {'score': 8.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H'}
  Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}
  Added: cvssV3_1 {'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H'}


Fri, 29 May 2026 12:15:00 +0000

Title
  Removed: GPU Out‑of‑Bounds Read Leading to Sandbox Escape in Chrome
  Added: chromium-browser: Out of bounds read in GPU
References
Metrics
  Removed: threat_severity None
  Added: cvssV3_1 {'score': 8.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H'}
  Added: threat_severity Important


Fri, 29 May 2026 00:00:00 +0000

Title
  Added: GPU Out‑of‑Bounds Read Leading to Sandbox Escape in Chrome
First Time appeared
  Added: Google; Google chrome
Vendors & Products
  Added: Google; Google chrome

Thu, 28 May 2026 22:45:00 +0000

Description
  Added: Out of bounds read in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Weaknesses
  Added: CWE-125
References

MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-29T15:12:06.584Z

Reserved: 2026-05-28T17:24:45.774Z

Link: CVE-2026-9895

Vulnrichment

Updated: 2026-05-29T15:12:00.572Z

NVD

Status: Undergoing Analysis

Published: 2026-05-28T23:16:47.497

Modified: 2026-05-29T16:16:36.067

Link: CVE-2026-9895

Redhat

Severity: Important

Public Date: 2026-05-27T00:00:00Z

Links: CVE-2026-9895 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-29T13:45:45Z

Weaknesses