CVE-2026-11191
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk21th percentile - higher than 21% of all known CVEs
Summary
In Google Chrome prior to version 149.0.7827.53, there was an out of bounds memory access issue in ANGLE that could allow a remote attacker to perform unauthorized memory access via a crafted HTML page.
Risk Assessment
This vulnerability could lead to unauthorized memory access, posing a risk of data leakage or execution of malicious code on the victim's system.
Recommendation
It is recommended to update Google Chrome to version 149.0.7827.53 or later to mitigate the risks associated with this vulnerability.
Original NVD description (English source)
Out of bounds memory access in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

