You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2026-11678
About this tag
CVE-2026-11678 is a high-severity integer overflow vulnerability in the libyuv image-processing library affecting Google Chrome before version 149.0.7827.103. Disclosed on June 8, 2026, it allows an attacker who has already compromised Chrome's renderer to read sensitive process memory via a crafted HTML page. While not the most prominent Chrome flaw, it is significant because such memory-safety issues can be chained with other exploits for broader attacks. For Windows users and administrators, the primary mitigation is to update Chrome, Edge, and any Chromium-based browser to the latest patched version.
Google Chrome before version 149.0.7827.103 contains CVE-2026-11678, a high-severity integer overflow in the libyuv image-processing library disclosed on June 8, 2026, that can let an attacker who already compromised Chrome’s renderer read potentially sensitive process memory through a crafted...