Description
Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Published: 2026-05-28
Score: 8.3 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A heap buffer overflow exists in the ANGLE graphics layer of Google Chrome versions prior to 148.0.7778.216. The flaw allows a remote attacker who has succeeded in compromising the renderer process to trigger a buffer overflow, which may lead to a sandbox escape and execution of arbitrary code on the host system. The vulnerability is carried out by crafted HTML content, indicating that the attack requires delivery of malicious web content to the vulnerable browser instance.

Affected Systems

The affected product is Google Chrome. All releases prior to 148.0.7778.216 are vulnerable. The primary entry point is the ANGLE component used for rendering web pages. Specific hardware or platform does not alter the attack surface as the flaw resides in Chrome's rendering engine.

Risk and Exploitability

The CVSS score of 8.3 indicates a high severity due to its remote impact and potential for full code execution. The EPSS score is <1%, indicating a very low probability of exploitation. The vulnerability has not been catalogued in CISA KEV yet, suggesting no widespread exploitation reports to date. Attackers would need to lure a user into visiting a malicious site that triggers the overflow in the renderer process. Once a sandbox escape is achieved, the attacker can potentially compromise the entire system. The lack of early public disclosure means effective mitigation can be achieved by deploying the vendor’s patch soon after release.

Generated by OpenCVE AI on May 29, 2026 at 17:59 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Google Chrome to version 148.0.7778.216 or later.
  • Disable ANGLE or hardware acceleration via Chrome flags or enterprise policy to reduce exposure until a patch is available.
  • Apply OS-level sandbox hardening and enforce minimum privilege for the Chromium renderer process.

Generated by OpenCVE AI on May 29, 2026 at 17:59 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 29 May 2026 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows
CPEs cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows

Fri, 29 May 2026 16:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 9.0, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H'}

 ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

cvssV3_1

{'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H'}

Fri, 29 May 2026 12:15:00 +0000

Type Values Removed Values Added
Title ANGLE Heap Buffer Overflow Enabling Remote Sandbox Escape in Google Chrome chromium-browser: Heap buffer overflow in ANGLE
Weaknesses CWE-787
References
Metrics threat_severity

None

 cvssV3_1

{'score': 9.0, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H'}

threat_severity

Important

Fri, 29 May 2026 02:45:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Fri, 29 May 2026 00:30:00 +0000

Type Values Removed Values Added
Title ANGLE Heap Buffer Overflow Enabling Remote Sandbox Escape in Google Chrome

Thu, 28 May 2026 22:45:00 +0000

Type Values Removed Values Added
Description Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-122
References

Subscriptions

Apple Macos
Google Chrome
Linux Linux Kernel
Microsoft Windows
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-29T15:49:51.493Z

Reserved: 2026-05-28T17:24:52.681Z

Link: CVE-2026-9926

cve-icon Vulnrichment

Updated: 2026-05-29T15:49:48.326Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-28T23:16:50.700

Modified: 2026-05-29T17:16:37.260

Link: CVE-2026-9926

cve-icon Redhat

Severity : Important

Publid Date: 2026-05-27T00:00:00Z

Links: CVE-2026-9926 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-29T18:00:05Z

Weaknesses