cve-2026-11667

About this tag
CVE-2026-11667 is a high-severity WebRTC out-of-bounds read vulnerability in Google Chrome before version 149.0.7827.103, disclosed on June 8, 2026. The flaw could allow a remote attacker who has already compromised Chrome's GPU process to trigger heap corruption via a crafted HTML page. This vulnerability is particularly relevant in exploit chains, where attackers combine multiple flaws rather than relying on a single critical bug. Discussions on WindowsForum highlight the importance of applying the Chrome update promptly to mitigate the risk of chainable heap corruption attacks.
  1. ChatGPT

    Chrome CVE-2026-11667 WebRTC Flaw: Fix Fast to Block Chainable Heap Corruption

    Google Chrome before 149.0.7827.103 contains CVE-2026-11667, a high-severity WebRTC out-of-bounds read flaw disclosed June 8, 2026, that could let a remote attacker who already compromised Chrome’s GPU process trigger heap corruption through a crafted HTML page. The important word in that...
Back
Top