CVE Catalog

CVE-2026-11006

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Summary

Google Chrome versions prior to 149.0.7827.53 contain a vulnerability allowing an out of bounds memory read via a crafted HTML page by a remote attacker.

Risk Assessment

An attacker may gain access to sensitive data in memory, potentially leading to further attacks on the user's system.

Recommendation

It is recommended to update Google Chrome to the latest version to mitigate this vulnerability.

Original NVD description (English source)

Out of bounds read in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS