Description
Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Published: 2026-05-28
Score: 8.3 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A use‑after‑free bug in ANGLE, present in Google Chrome before version 148.0.7778.216, allows a remote attacker who has already compromised the renderer process to craft a malicious HTML page that triggers the flaw. The vulnerability is a CWE‑416 and CWE‑825 condition and can lead to a sandbox escape, giving the attacker the capacity to execute arbitrary code with elevated privileges within the renderer context, potentially compromising confidentiality, integrity, and availability.

Affected Systems

Google Chrome browsers that are older than version 148.0.7778.216 are affected. The vulnerability is limited to the ANGLE graphics component used by Chrome for rendering.

Risk and Exploitability

The CVE has a CVSS score of 8.3, indicating high severity. EPSS score of 0.00035 (less than 1%) indicates a very low but non‑zero exploitation probability, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires an attacker to first compromise the renderer process, typically by luring a user onto a malicious website that serves the crafted HTML. Once the exploitation path is executed, the attacker can escape the sandbox and potentially gain full code‑execution rights on the host.

Generated by OpenCVE AI on May 29, 2026 at 16:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Google Chrome to version 148.0.7778.216 or later immediately. This applies the patch that removes the use‑after‑free in ANGLE.
  • Configure Chrome to receive automatic updates and ensure the browser stays on the latest stable release. Enable safe browsing and other security features to reduce the risk of an attacker supplying malicious content.
  • Avoid visiting untrusted or suspicious web pages and consider using a reputable web‑filter or antivirus solution with browser protection to block known malicious HTML and scripts.

Generated by OpenCVE AI on May 29, 2026 at 16:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 29 May 2026 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows
CPEs cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows

Fri, 29 May 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 9.0, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H'}

 ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

cvssV3_1

{'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H'}

Fri, 29 May 2026 12:15:00 +0000

Type Values Removed Values Added
Title Use After Free in ANGLE Causes Sandbox Escape via Malicious HTML chromium-browser: Use after free in ANGLE
Weaknesses CWE-825
References
Metrics threat_severity

None

 cvssV3_1

{'score': 9.0, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H'}

threat_severity

Important

Fri, 29 May 2026 00:30:00 +0000

Type Values Removed Values Added
Title Use After Free in ANGLE Causes Sandbox Escape via Malicious HTML

Fri, 29 May 2026 00:15:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Thu, 28 May 2026 22:45:00 +0000

Type Values Removed Values Added
Description Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-416
References

Subscriptions

Apple Macos
Google Chrome
Linux Linux Kernel
Microsoft Windows
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-29T14:40:33.813Z

Reserved: 2026-05-28T17:24:57.486Z

Link: CVE-2026-9946

cve-icon Vulnrichment

Updated: 2026-05-29T14:40:29.779Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-28T23:16:52.740

Modified: 2026-05-29T16:29:30.010

Link: CVE-2026-9946

cve-icon Redhat

Severity : Important

Publid Date: 2026-05-27T00:00:00Z

Links: CVE-2026-9946 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-29T16:30:02Z

Weaknesses