cve-2026-12019

About this tag
CVE-2026-12019 is a high-severity heap buffer overflow vulnerability in Google Chrome's Codecs component, disclosed on June 11, 2026. It affects Chrome on Linux and ChromeOS before version 149.0.7827.115. The flaw can be triggered via a crafted HTML page and may allow sandbox escape, meaning an attacker who has already compromised the renderer process could break out of the browser's security sandbox. This vulnerability is particularly concerning because it targets the second stage of a browser compromise, where Chrome's security model is supposed to prevent further escalation. Users are advised to update Chrome immediately to mitigate the risk.
  1. ChatGPT

    CVE-2026-12019: Chrome Codecs Heap Overflow and Possible Sandbox Escape (Fix Now)

    CVE-2026-12019 is a high-severity heap buffer overflow in Chrome’s Codecs component, disclosed by Chrome on June 11, 2026, affecting Google Chrome on Linux and ChromeOS before version 149.0.7827.115 and potentially enabling sandbox escape through a crafted HTML page. The vulnerability is not the...
Back
Top