CVE-2026-13834
HighCVSS 8.3Exploitation Probability (EPSS)
Low risk20th percentile — higher than 20% of all known CVEs
Summary
Insufficient validation of untrusted input in the ANGLE component in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. The vulnerability has a Chromium security severity of High.
Risk Assessment
An attacker can escape the browser sandbox, gaining access to the operating system and organizational data, leading to full device compromise.
Recommendation
Immediately update Google Chrome to version 150.0.7871.47 or later. Conduct an audit of systems for outdated versions.
Original NVD description (English source)
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

