You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2026-10892
About this tag
CVE-2026-10892 is a critical out-of-bounds write vulnerability in Chrome's GPU component on Android, affecting versions before 149.0.7827.53. Discovered by Google on June 4, 2026, it could allow a remote attacker to attempt a sandbox escape via a crafted HTML page. For Windows IT professionals, this Android-specific CVE is relevant because the Chromium ecosystem—including Chrome, Edge, Electron apps, and WebView—shares GPU attack surfaces. The vulnerability underscores the importance of patching browser engines across all platforms and managing enterprise fleets to prevent sandbox escapes that could compromise security boundaries.
Google published CVE-2026-10892 on June 4, 2026, identifying a critical out-of-bounds write in Chrome’s GPU component on Android before version 149.0.7827.53 that could let a remote attacker attempt a sandbox escape through a crafted HTML page. The phrasing is dry, but the implication is not...