CVE Catalog

CVE-2026-11109

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Summary

In Google Chrome prior to version 149.0.7827.53, an uninitialized use in ANGLE allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Risk Assessment

This vulnerability may lead to the exposure of sensitive user data, posing a threat to the privacy and security of the organization.

Recommendation

It is recommended to update Google Chrome to version 149.0.7827.53 or later to mitigate the risks associated with this vulnerability.

Original NVD description (English source)

Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS