You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2026-11667
About this tag
CVE-2026-11667 is a high-severity WebRTC out-of-bounds read vulnerability in Google Chrome before version 149.0.7827.103, disclosed on June 8, 2026. The flaw could allow a remote attacker who has already compromised Chrome's GPU process to trigger heap corruption via a crafted HTML page. This vulnerability is particularly relevant in exploit chains, where attackers combine multiple flaws rather than relying on a single critical bug. Discussions on WindowsForum highlight the importance of applying the Chrome update promptly to mitigate the risk of chainable heap corruption attacks.
Google Chrome before 149.0.7827.103 contains CVE-2026-11667, a high-severity WebRTC out-of-bounds read flaw disclosed June 8, 2026, that could let a remote attacker who already compromised Chrome’s GPU process trigger heap corruption through a crafted HTML page. The important word in that...