CVE Catalog

CVE-2026-11191

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.07%

21th percentile - higher than 21% of all known CVEs

Summary

In Google Chrome prior to version 149.0.7827.53, there was an out of bounds memory access issue in ANGLE that could allow a remote attacker to perform unauthorized memory access via a crafted HTML page.

Risk Assessment

This vulnerability could lead to unauthorized memory access, posing a risk of data leakage or execution of malicious code on the victim's system.

Recommendation

It is recommended to update Google Chrome to version 149.0.7827.53 or later to mitigate the risks associated with this vulnerability.

Original NVD description (English source)

Out of bounds memory access in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS