01 · The Real Story
This is a bad peephole in one hallway of the browser, not a master key to the building
CVE-2026-10930 is an out-of-bounds read in Chrome's ANGLE graphics layer affecting Google Chrome on macOS before 149.0.7827.53. Public patch metadata ties the fix to ANGLE's Metal-backed Mac rendering path, which matters because this is a browser-driven bug reachable from a crafted HTML page, but only on the Mac slice of the fleet that hits the vulnerable graphics path.
Google tagged the bug High, but that overstates the operational urgency for most enterprises. This is a read-only memory disclosure, not code execution, not a sandbox escape, not a server-side bug, and not a proven in-the-wild exploit; once you account for Mac-only reachability, user interaction, and read-only impact, the real-world patch priority lands at MEDIUM.
"CVE-2026-10930 = ASSESSED AT MEDIUM: remote webpage info leak on Mac Chrome, but no RCE, no KEV, no public PoC"
02 · The Attack Path
4 steps from start to impact.
STEP 01
Land a Mac victim on a crafted page
The attacker needs a user to render attacker-controlled HTML in Chrome on macOS. In practice this means phishing, malvertising, a compromised site, or any other browser lure that gets a target to load hostile client-side content.
Conditions required:
- Victim uses Google Chrome on macOS
- Installed Chrome version is older than 149.0.7827.53
- User loads attacker-controlled web content
Where this breaks in practice:
- This is not wormable and not server-reachable
- Enterprise browsing protections, Safe Browsing, DNS filtering, and mail controls can break delivery before exploit code runs
Detection/coverage: Network detection is weak because the trigger is just web content. Best coverage is web filtering telemetry plus browser/version inventory.
STEP 02
Trigger the ANGLE Metal memory-read condition
The exploit path appears to involve ANGLE's Mac rendering code, with the public fix changing cache-key behavior around Metal uniform conversion buffers. That strongly suggests a backend-specific sequence of WebGL or graphics operations is needed to make Chrome read past intended bounds and expose adjacent renderer memory.
Conditions required:
- Mac rendering path reaches vulnerable ANGLE code
- Attacker can drive the required graphics state transitions from page content
- GPU acceleration and relevant renderer behavior are available
Where this breaks in practice:
- No public exploit or step-by-step PoC was located
- Backend-specific browser memory bugs are often finicky across hardware, drivers, and tabs
Detection/coverage: Signature-based scanners generally cannot prove exploitability. Detection is mostly version-based; crash telemetry may help if attempts are unstable.
STEP 03
Harvest data from renderer memory
A successful out-of-bounds read can expose data already resident in the renderer process: fragments of page content, tokens, cross-origin material if another bug weakens isolation, or other sensitive process memory. The key point is disclosure, not direct modification or native code execution.
Conditions required:
- Useful secrets or sensitive page data must be present in process memory at the right time
- The memory leak must be stable enough to return attacker-usable bytes
Where this breaks in practice:
- Read-only bugs do not automatically yield account takeover or host compromise
- Modern browser process isolation limits what any single renderer can see compared with older browser architectures
Detection/coverage: There is rarely a clean IOC for memory disclosure itself. Browser crash spikes, renderer faults, or anomalous WebGL-heavy pages are the practical clues.
STEP 04
Convert leaked bytes into follow-on value
The attacker still has to turn leaked memory into something operationally useful: session material, sensitive content, or chainable exploit knowledge for a second-stage bug. Without that second conversion step, the issue remains an information leak with limited standalone blast radius.
Conditions required:
- Leaked memory contains reusable secrets or exploit-enabling data
- Attacker can exfiltrate and interpret the disclosed bytes
Where this breaks in practice:
- Many leaks produce noisy or low-value data
- No public evidence shows this CVE being chained into a broader compromise sequence
Detection/coverage: Look for unusual outbound requests from malicious pages, but there is no reliable standalone network signature for this CVE.
03 · Intelligence Metadata
The supporting signals.
| In-the-wild status | No public exploitation evidence located as of 2026-06-05; not listed in CISA KEV. |
|---|---|
| Proof-of-concept availability | No public PoC or exploit repo found in this assessment. The main public artifact is the upstream ANGLE fix commit, which gives defenders architecture clues but not a turnkey exploit. |
| EPSS | 0.00035 from the supplied intel, implying roughly 0.035% modeled 30-day exploitation probability; very low attacker interest signal. Percentile was not authoritatively confirmed from a primary-source query in this assessment. |
| KEV status | Not in CISA KEV as of 2026-06-05. |
| Vendor severity / score | Google's release notes tag CVE-2026-10930 as High, but no vendor or authority numeric CVSS score was published. |
| CVSS vector interpretation | No official CVSS vector published. Based on public facts alone, the closest operational shape is *network-reachable via webpage, no auth, user interaction required, confidentiality impact only*. |
| Affected versions | Google Chrome on Mac prior to 149.0.7827.53 per supplied intel; Google's stable desktop release shipped fixes in 149.0.7827.53/54 for Windows/Mac. |
| Fixed versions | Treat 149.0.7827.53 or later on macOS as fixed for fleet triage. Mixed vendor wording around 53/54 appears to reflect build rollout packaging, not a separate exposure story for this CVE. |
| Exposure / scanning reality | This is a client-side browser issue, so Shodan/Censys/FOFA are basically useless. Exposure must be measured from MDM, EDR, browser inventory, or software asset data on managed Macs. |
| Disclosure chronology | Google lists the bug as reported on 2026-04-07; Chrome 149 stable shipped on 2026-06-02; the supplied CVE disclosure date is 2026-06-04. |
04 · The Call
noisgate verdict.
Final Verdict
↓ DOWNGRADED to MEDIUM (5.9/10)
The decisive downgrading factor is that this is a Mac-only, read-only browser memory disclosure, not remote code execution. It is certainly reachable from hostile web content, but the practical chain still depends on user browsing, a specific ANGLE/Metal path, and leaked bytes that are valuable enough to matter.
HIGH Affected-version and fixed-version mapping
MEDIUM Inference that the public ANGLE Metal cache-key fix is the core technical remediation path
HIGH No active exploitation / KEV status as of 2026-06-05
Why this verdict
- Confidentiality-only impact pushes down hard: public facts support an out-of-bounds *read*, not write, not sandbox escape, not native code exec. That is meaningful, but it is a smaller blast radius than the average remotely reachable Chrome memory-corruption headline.
- Mac-only reachability narrows the exposed population: the bug is explicitly scoped to Chrome on macOS, and the upstream fix points at ANGLE's Metal path. In mixed fleets, this instantly shrinks the patch target set versus a whole-browser all-platform issue.
- User interaction is required: the attacker must get a user to render a crafted page. That implies this is pre-compromise only through browser lures, and modern email/web controls plus Safe Browsing apply downward pressure.
- Threat telemetry is cold: no KEV, no public PoC located, and EPSS 0.00035 all argue against treating this like an emergency patch item. That is not proof of safety, but it is absolutely reason to keep it out of the top tier.
Why not higher?
There is no public evidence of code execution, sandbox escape, or active exploitation. The attack path is further narrowed by Mac-only applicability and a technically specific ANGLE rendering condition, so calling this HIGH or CRITICAL would ignore too much real-world friction.
Why not lower?
It is still a remote, no-auth, browser-reachable bug in one of the most exposed applications in the enterprise. A crafted webpage that can leak process memory is not backlog dust, because browsers routinely hold credentials, tokens, and sensitive business content.
05 · Compensating Control
What to do — in priority order.
- Force Chrome auto-update on managed Macs — Use MDM or Chrome Enterprise controls to push 149.0.7827.53 or later and force relaunch where policy allows. This is the cleanest control because MEDIUM has no noisgate mitigation SLA; go straight to durable remediation inside the 365-day window instead of building elaborate temporary controls.
- Inventory and isolate the Mac slice — Scope the issue to macOS Chrome first so Windows and Linux teams do not burn cycles on the wrong population. Pull software inventory from MDM/EDR now and keep a live exception list until all Macs report compliant versions; again, no mitigation SLA applies for MEDIUM.
- Reduce risky browser exposure for high-sensitivity Mac tiers — For admins, finance, and executive Macs that browse broadly, consider temporary hardening such as stricter URL filtering or disabling unneeded WebGL-heavy workflows if business impact is tolerable. Use this only as exposure reduction while the patch rolls out; there is no mitigation SLA — go straight to the remediation window.
What doesn't work
- A network IDS signature will not reliably catch this; the trigger is ordinary-looking hostile web content and the interesting event happens inside the browser process.
- Patching Windows or Linux Chrome does not close this specific risk story, because the CVE is scoped to Mac.
- MFA is good hygiene but does not prevent a browser memory disclosure from leaking page content or tokens already present in a renderer.
06 · Verification
Crowdsourced verification payload.
Run this on the target Mac host or through your MDM/remote shell on macOS. Invoke it as bash check_cve_2026_10930.sh "/Applications/Google Chrome.app"; standard user rights are usually enough because it only reads the app bundle's version metadata.
#!/bin/bash
# check_cve_2026_10930.sh
# Detects whether Google Chrome on macOS is vulnerable to CVE-2026-10930
# Affected: Google Chrome on Mac prior to 149.0.7827.53
# Output: VULNERABLE / PATCHED / UNKNOWN
# Exit codes: 0=PATCHED, 1=VULNERABLE, 2=UNKNOWN
APP_PATH="${1:-/Applications/Google Chrome.app}"
FIXED_VERSION="149.0.7827.53"
PLIST="$APP_PATH/Contents/Info.plist"
get_version() {
/usr/bin/defaults read "$PLIST" CFBundleShortVersionString 2>/dev/null
}
ver_lt() {
# returns 0 if $1 < $2, else 1
local IFS=.
local i
local -a a=($1) b=($2)
local len=${#a[@]}
if [ ${#b[@]} -gt $len ]; then
len=${#b[@]}
fi
for ((i=0; i<len; i++)); do
local ai=${a[i]:-0}
local bi=${b[i]:-0}
if ((10#$ai < 10#$bi)); then
return 0
elif ((10#$ai > 10#$bi)); then
return 1
fi
done
return 1
}
if [ ! -d "$APP_PATH" ]; then
echo "UNKNOWN: Chrome app not found at $APP_PATH"
exit 2
fi
if [ ! -f "$PLIST" ]; then
echo "UNKNOWN: Info.plist not found at $PLIST"
exit 2
fi
VERSION="$(get_version)"
if [ -z "$VERSION" ]; then
echo "UNKNOWN: Could not determine Chrome version"
exit 2
fi
if ver_lt "$VERSION" "$FIXED_VERSION"; then
echo "VULNERABLE: Google Chrome $VERSION is older than fixed version $FIXED_VERSION"
exit 1
else
echo "PATCHED: Google Chrome $VERSION is at or newer than fixed version $FIXED_VERSION"
exit 0
fi
07 · Bottom Line
If you remember one thing.
TL;DR
Monday morning: query your fleet for macOS endpoints running Google Chrome earlier than 149.0.7827.53, then patch that Mac subset and move on. Because this is MEDIUM, there is no noisgate mitigation SLA — go straight to the 365-day remediation window, and your noisgate remediation SLA is ≤365 days; in practice, most enterprises should simply fold this into the next normal browser update wave rather than treating it as an emergency change.
Sources
Peer Review
What defenders are saying.
Submit a review
attribution: handle + country only
0 flags selected · stored anonymously
Validation Results
Crowdsourced verification outputs.
Results submitted by users who ran the verification payload against their environment.