CVE-2026-11110 · CWE-457 · Disclosed 2026-06-04

Uninitialized Use in ANGLE in Google Chrome prior to 149

ASSESSED — NOISGATE V0.5
01 · The Real Story

This is a cracked office window, not a blown-open vault door

CVE-2026-11110 is an uninitialized-use bug in ANGLE, Chrome's graphics translation layer used by WebGL and related rendering paths. Google lists Chrome versions before 149.0.7827.53 as affected; the fixed build shipped as 149.0.7827.53 for Linux and 149.0.7827.53/54 for Windows and macOS on 2026-06-02, and the CVE record was published on 2026-06-04. The stated impact is cross-origin data leakage from a crafted HTML page, which means this is about confidentiality loss inside the browser session, not code execution or sandbox escape.

The vendor's MEDIUM 6.5 is basically right. The upside pressure is that Chrome is everywhere and a malicious site is easy to deliver; the downside pressure is stronger: user interaction is required, exploit automation is marked 'no' by CISA ADP, there is no KEV listing, no active exploitation evidence, and the impact is limited to data exposure in the victim browser context rather than host takeover. For an enterprise patch queue, this is worth fixing through normal browser update channels, but it should not jump ahead of browser RCEs, sandbox escapes, or server-side pre-auth bugs.

"Real bug, real data-leak potential, but it is still a user-driven browser bug without exploit evidence or broad blast radius."
02 · The Attack Path

4 steps from start to impact.

STEP 01

Deliver a malicious WebGL-capable page

The attacker needs the victim to render a crafted HTML page that exercises Chrome's graphics stack, likely via WebGL or another ANGLE-backed path. In practice the weaponized component is the page's JavaScript/WebGL content rather than a standalone exploit kit published in the open.
Conditions required:
  • Victim browses to attacker-controlled or attacker-influenced content
  • Chrome build is older than 149.0.7827.53
  • Relevant graphics path is reachable on the victim platform
Where this breaks in practice:
  • Requires user interaction
  • Enterprise web filtering, Safe Browsing, URL rewriting, or browser isolation can break initial delivery
  • Some environments disable or restrict WebGL/GPU acceleration in sensitive enclaves
Detection/coverage: Email and web gateways can catch commodity delivery, but scanners cannot see this step from the network. Detection is mostly telemetry around suspicious browsing destinations and browser crashes/anomalies, not signature-grade exploit detection.
STEP 02

Trigger the ANGLE uninitialized-use condition

Once the page runs, the attacker has to drive ANGLE into an uninitialized-use state and then turn that memory misuse into a usable read primitive or leak side effect. This is the hard part operationally: CISA ADP marks the issue Automatable: no, which is a meaningful real-world brake on mass exploitation.
Conditions required:
  • Precise renderer/graphics state manipulation succeeds
  • Exploit path survives platform, driver, and build variability
Where this breaks in practice:
  • Graphics bugs are often brittle across GPUs, drivers, and OS builds
  • No public PoC was identified in consulted sources
  • Chromium issue details remain restricted while the patch propagates
Detection/coverage: Version scanners will only flag exposure by build number. EDR and browser crash telemetry may show renderer instability, but they usually will not conclusively identify CVE-2026-11110 exploitation.
STEP 03

Extract cross-origin data from browser memory

If the bug is exploited successfully, the attacker can leak data that should remain segregated by origin boundaries inside the browser session. Think tokens, page fragments, or other sensitive material accessible only because memory was exposed incorrectly, not because the browser process was fully compromised.
Conditions required:
  • Sensitive target content is present in the victim's browser session
  • Leaked bytes are stable enough to reconstruct useful data
Where this breaks in practice:
  • Leak quality may be partial or noisy rather than clean arbitrary read
  • Impact is confidentiality only; there is no stated integrity or availability effect
  • Blast radius is usually one user session at a time
Detection/coverage: No reliable network scanner can observe this. Defensive visibility comes from anomalous outbound requests from the malicious page, DLP hits, and post-event browser forensic correlation.
STEP 04

Exfiltrate the stolen session data

The final step is plain web exfiltration: send harvested values back to attacker infrastructure. The weaponized tool here is ordinary browser networking from JavaScript, which is easy to do but only valuable if the prior leak produced usable secrets.
Conditions required:
  • Attacker-controlled collection endpoint is reachable
  • Stolen data has real business value
Where this breaks in practice:
  • Outbound filtering, browser isolation, and DLP may catch the useful payload
  • Even successful theft usually compromises a user context, not the endpoint or domain
Detection/coverage: Proxy logs, DNS, CASB, and DLP have the best chance here. Again, they may detect suspicious exfiltration without proving this specific CVE was the root cause.
03 · Intelligence Metadata

The supporting signals.

In-the-wild status: No evidence in consulted primary sources that CVE-2026-11110 is being exploited in the wild. CISA ADP currently marks Exploitation: none.
Proof-of-concept availability: No public PoC repo surfaced in the consulted sources. The referenced Chromium issue is restricted, which is common immediately after Chrome fixes ship.
EPSS: 0.00035 from the user-supplied intel, indicating very low short-term exploitation probability; percentile was not provided in the prompt and was not directly retrievable from consulted primary sources.
KEV status: Not KEV-listed in the consulted CISA Known Exploited Vulnerabilities catalog source.
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N (easy delivery over the web, but user interaction required and confidentiality-only impact).
Affected versions: Google Chrome prior to 149.0.7827.53 according to the CVE record and Chrome release notes.
Fixed versions: 149.0.7827.53 (Linux) and 149.0.7827.53/54 (Windows/macOS) shipped on 2026-06-02. For enterprise Linux distro packages, rely on vendor-backported Chromium package advisories rather than upstream version-string guessing.
Exposure / scanning reality: This is a client-side browser vulnerability, not an internet-facing service flaw. Shodan/Censys-style enumeration is largely irrelevant because they cannot reliably identify which managed endpoints are running a vulnerable Chrome build from the public internet.
Disclosure timeline: Chrome stable fix announced 2026-06-02; CVE record published 2026-06-04; CISA ADP enrichment present by 2026-06-06.
Reporter: Google lists it as reported by Google on 2026-04-08 in the Chrome 149 stable-channel advisory.
04 · The Call

noisgate verdict.

Final Verdict
UNCHANGED · MEDIUM (5.9/10)

The decisive factor is that this is still a user-driven client-side leak bug with no exploitation evidence and no automation signal, not a host-compromise primitive. Chrome's ubiquity keeps it out of LOW, but the requirement for user browsing plus session-scoped confidentiality impact keeps it out of HIGH.

HIGH Affected versions and fixed build identification
MEDIUM Real-world exploitability assessment without public bug details
MEDIUM PoC non-availability based on consulted sources

Why this verdict

  • User interaction is mandatory: the attacker must get a victim to load a crafted page, which means this is downstream of phishing, malvertising, or web-compromise success.
  • Impact is confidentiality-only: the published vector is C:H/I:N/A:N, so even successful exploitation is data theft from the browser context, not code execution or endpoint takeover.
  • CISA ADP adds downward pressure: it marks Exploitation: none and Automatable: no, which materially reduces urgent mass-exploitation risk compared with browser RCEs.
  • Population is broad but blast radius is narrow: Chrome is everywhere, but each successful hit is generally one browser session at a time rather than a fleet-wide control-plane compromise.
  • No KEV and very low EPSS: both signals say attackers are not currently concentrating on this bug.

Why not higher?

There is no evidence of active exploitation, no KEV listing, no public PoC in the consulted sources, and no claim of code execution or sandbox escape. The attack chain also starts with a user browsing to malicious content, which is a real gate in managed enterprise environments.

Why not lower?

This is still a remote browser bug in a ubiquitous application with a stated ability to leak cross-origin data, which can expose authenticated business content and tokens. Because browsers sit directly on the attack surface of every user, a real confidentiality bug here is not just backlog lint.

05 · Compensating Control

What to do — in priority order.

  1. Force evergreen Chrome updates — Use your browser-management channel to enforce auto-update compliance and verify endpoints reach 149.0.7827.53+ / 149.0.7827.54+ as appropriate. For a MEDIUM verdict there is no mitigation SLA — go straight to the 365-day remediation window, but for Chrome specifically you should let the normal rapid browser ring clear this long before that.
  2. Restrict WebGL in high-risk enclaves — On privileged admin workstations, VDI jump hosts, kiosks, and other sensitive browsing tiers, consider policy-based WebGL/GPU restriction if business impact is acceptable. This reduces reachability of ANGLE-driven bug paths while you complete standard remediation; again, no mitigation SLA applies at MEDIUM.
  3. Use browser isolation for untrusted browsing — Route unknown sites, webmail links, and high-risk categories through remote browser isolation where available. That breaks the attacker assumption that crafted client-side content executes directly in the user's endpoint browser.
  4. Harden outbound data-loss monitoring — Tune proxy, CASB, and DLP detections for suspicious browser-originated exfiltration of session tokens, large encoded parameters, or anomalous POSTs to newly seen domains. This will not stop the memory leak itself, but it can catch the monetizable part of the attack.
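
One way to prototype the proxy-side detection from item 4, as an added example that is not noisgate's or any vendor's code. The log tuples, the known-domain baseline, and every threshold are constructed assumptions to tune against real traffic.

```python
import math
import re
from collections import Counter
from urllib.parse import parse_qsl, urlsplit

# Constructed baseline: domains already seen in this (hypothetical) environment.
KNOWN_DOMAINS = {"intranet.example.com", "mail.example.com"}
ENCODED = re.compile(r"^[A-Za-z0-9+/_=-]+$")  # base64 / base64url / hex alphabet

# Constructed proxy records: (user, method, url, request_bytes)
SAMPLE_LOG = [
    ("alice", "GET", "https://intranet.example.com/wiki?page=home", 420),
    ("alice", "POST", "https://mail.example.com/send", 90_000),
    ("bob", "POST", "https://collect.new-site.example/u", 48_000),
    ("bob", "GET", "https://cdn.new-site.example/p.gif?d="
     + "QUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVo" * 12, 700),
]


def entropy(s: str) -> float:
    """Shannon entropy in bits per character."""
    counts = Counter(s)
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())


def findings(records, known=KNOWN_DOMAINS, post_bytes=10_000,
             param_len=256, min_entropy=3.5):
    """Flag large POSTs to unseen domains and long encoded query parameters."""
    out = []
    for user, method, url, size in records:
        parts = urlsplit(url)
        host = parts.hostname or ""
        if method == "POST" and host not in known and size >= post_bytes:
            out.append((user, host, "large POST to newly seen domain"))
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            # Long, alphabet-restricted, high-entropy values look like encoded
            # data rather than ordinary form fields or tracking ids.
            if (len(value) >= param_len and ENCODED.match(value)
                    and entropy(value) >= min_entropy):
                out.append((user, host, f"large encoded parameter '{name}'"))
    return out


if __name__ == "__main__":
    for hit in findings(SAMPLE_LOG):
        print(hit)
```

A hit here shows suspicious egress from a browser session; as the page notes, it does not prove that CVE-2026-11110 was the cause.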
What doesn't work
  • A perimeter vulnerability scan does not meaningfully measure exposure here, because this is not a server-side remotely enumerable flaw.
  • MFA alone does not stop cross-origin data leakage once the victim is already authenticated in the browser session.
  • WAF rules on your own web apps are only partial help; they do nothing if the malicious page is hosted elsewhere and merely abuses the victim browser.
06 · Verification

Crowdsourced verification payload.

Run this on the target endpoint or through your software inventory/EDR remote-shell channel. Invoke it with python3 check_chrome_cve_2026_11110.py; no admin rights are required, but the script only works where it can execute the local browser binary or read the app bundle metadata.

noisgate-verify.py
PYTHON · READ-ONLY · SAFE
#!/usr/bin/env python3
# check_chrome_cve_2026_11110.py
# Detects whether local Google Chrome / Chromium version is below the fixed build for CVE-2026-11110.
# Exit codes: 0=PATCHED, 1=VULNERABLE, 2=UNKNOWN

import os
import platform
import re
import shutil
import subprocess
import sys
from typing import Optional, Tuple

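# The CVE record lists every build before 149.0.7827.53 as affected.
# Windows/macOS shipped the fix as 149.0.7827.53/54, so .53 already counts as
# fixed there; requiring .54 would report patched .53 hosts as VULNERABLE.
FIX_LINUX = (149, 0, 7827, 53)
FIX_WINDOWS_MAC = (149, 0, 7827, 53)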


def parse_version(text: str) -> Optional[Tuple[int, int, int, int]]:
    m = re.search(r'(\d+)\.(\d+)\.(\d+)\.(\d+)', text)
    if not m:
        return None
    return tuple(int(x) for x in m.groups())


def run_cmd(cmd):
    try:
        p = subprocess.run(cmd, capture_output=True, text=True, timeout=10)
        if p.returncode == 0:
            return (p.stdout or p.stderr).strip()
    except Exception:
        pass
    return None


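def get_version_linux() -> Optional[Tuple[int, int, int, int]]:
    # Distro-packaged Chromium may carry backported fixes under an older version
    # string, so confirm a VULNERABLE result against the vendor's package advisory.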
    candidates = [
        'google-chrome', 'google-chrome-stable', 'chromium', 'chromium-browser', 'chrome'
    ]
    for c in candidates:
        path = shutil.which(c)
        if not path:
            continue
        out = run_cmd([path, '--version'])
        if out:
            v = parse_version(out)
            if v:
                return v
    return None


def get_version_macos() -> Optional[Tuple[int, int, int, int]]:
    app_paths = [
        '/Applications/Google Chrome.app/Contents/MacOS/Google Chrome',
        os.path.expanduser('~/Applications/Google Chrome.app/Contents/MacOS/Google Chrome'),
        '/Applications/Chromium.app/Contents/MacOS/Chromium'
    ]
    for path in app_paths:
        if os.path.exists(path):
            out = run_cmd([path, '--version'])
            if out:
                v = parse_version(out)
                if v:
                    return v
    plist_paths = [
        '/Applications/Google Chrome.app/Contents/Info.plist',
        os.path.expanduser('~/Applications/Google Chrome.app/Contents/Info.plist'),
        '/Applications/Chromium.app/Contents/Info.plist'
    ]
    for plist in plist_paths:
        if os.path.exists(plist):
            # `defaults read` needs the plist path itself, not the .app bundle directory.
            out = run_cmd(['/usr/bin/defaults', 'read', plist, 'CFBundleShortVersionString'])
            if out:
                v = parse_version(out)
                if v:
                    return v
    return None


def get_version_windows() -> Optional[Tuple[int, int, int, int]]:
    candidates = [
        os.path.join(os.environ.get('ProgramFiles', ''), 'Google', 'Chrome', 'Application', 'chrome.exe'),
        os.path.join(os.environ.get('ProgramFiles(x86)', ''), 'Google', 'Chrome', 'Application', 'chrome.exe'),
        os.path.join(os.environ.get('LocalAppData', ''), 'Google', 'Chrome', 'Application', 'chrome.exe'),
        os.path.join(os.environ.get('ProgramFiles', ''), 'Chromium', 'Application', 'chrome.exe'),
        os.path.join(os.environ.get('ProgramFiles(x86)', ''), 'Chromium', 'Application', 'chrome.exe')
    ]
    ps = shutil.which('powershell') or shutil.which('powershell.exe')
    if not ps:
        return None
    for exe in candidates:
        if os.path.exists(exe):
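            # -LiteralPath plus doubled apostrophes keeps the path as data, not PowerShell syntax.
            quoted = exe.replace("'", "''")
            cmd = [ps, '-NoProfile', '-Command', f"(Get-Item -LiteralPath '{quoted}').VersionInfo.ProductVersion"]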
            out = run_cmd(cmd)
            if out:
                v = parse_version(out)
                if v:
                    return v
    return None


def compare_versions(found: Tuple[int, int, int, int], fixed: Tuple[int, int, int, int]) -> int:
    if found < fixed:
        return -1
    if found == fixed:
        return 0
    return 1


def main():
    system = platform.system().lower()
    version = None
    fixed = None

    if system == 'linux':
        version = get_version_linux()
        fixed = FIX_LINUX
    elif system == 'darwin':
        version = get_version_macos()
        fixed = FIX_WINDOWS_MAC
    elif system == 'windows':
        version = get_version_windows()
        fixed = FIX_WINDOWS_MAC
    else:
        print('UNKNOWN: unsupported operating system')
        sys.exit(2)

    if version is None:
        print('UNKNOWN: could not determine local Chrome/Chromium version')
        sys.exit(2)

    found_s = '.'.join(map(str, version))
    fixed_s = '.'.join(map(str, fixed))

    cmp_result = compare_versions(version, fixed)
    if cmp_result < 0:
        print(f'VULNERABLE: detected version {found_s} < fixed version {fixed_s}')
        sys.exit(1)
    else:
        print(f'PATCHED: detected version {found_s} >= fixed version {fixed_s}')
        sys.exit(0)


if __name__ == '__main__':
    main()
07 · Bottom Line

If you remember one thing.

TL;DR
Monday morning: do not emergency-escalate this above more dangerous browser RCEs or any internet-facing pre-auth server bug, but make sure your managed browser ring is actually delivering the fixed Chrome build. For a MEDIUM verdict there is no noisgate mitigation SLA, so go straight to the remediation window (noisgate remediation SLA: ≤365 days). In practice, because this is Chrome, you should clear it through normal evergreen update enforcement in days to weeks, verify stragglers, and use WebGL/browser-isolation controls only for your highest-risk browsing tiers.

Sources

  1. Chrome Releases: Stable Channel Update for Desktop (Chrome 149)
  2. Chromium issue reference for CVE-2026-11110
  3. CVE record mirror with Chrome CNA and CISA ADP enrichment
  4. CISA Known Exploited Vulnerabilities Catalog
  5. FIRST EPSS overview
  6. FIRST EPSS API documentation
  7. Canadian Centre for Cyber Security advisory for Chrome 149
  8. GovCERT.HK advisory for Chrome 149 vulnerabilities