angle vulnerability

Google disclosed CVE-2026-7942 on May 6, 2026, as a medium-severity integer overflow in ANGLE affecting Chrome before version 148.0.7778.96, allowing a remote attacker to leak cross-origin data through a crafted HTML page. The bug is not the kind of headline-grabbing browser flaw that screams...

Google and Microsoft disclosed CVE-2026-7340 on April 28, 2026, as a medium-severity Chrome-on-Windows flaw in ANGLE fixed in Chrome 147.0.7727.138, where a crafted HTML page could trigger an integer overflow and cause an out-of-bounds memory read. The bug is not the scariest item in April’s...

The March 2026 Chrome security cycle has produced another reminder that browser graphics code remains a prime target, and CVE-2026-5277 sits squarely in that category. Microsoft’s Security Update Guide records the issue as an integer overflow in ANGLE affecting Google Chrome on Windows prior to...

In Google Chrome’s latest security cycle, CVE-2026-5283 stands out less because of its exploit mechanics than because of what it says about the browser’s attack surface in 2026: a crafted HTML page can still be enough to pry loose cross-origin data from a widely deployed Chromium stack. Google’s...

Google’s Chromium project patched a dangerous graphics-layer bug — tracked as CVE‑2025‑14174 — that allows an out‑of‑bounds memory access in the ANGLE (Almost Native Graphics Layer Engine) translation layer, and that upstream fix (Chrome 143.0.7499.110 and later) has been ingested by downstream...

In July 2025, Google addressed a critical security vulnerability in its Chrome browser, identified as CVE-2025-6558. This flaw, stemming from improper validation of untrusted input within the ANGLE and GPU components, was actively exploited in the wild, prompting immediate action from both...