CVE-2026-11114 · Use after free in Device Trust in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer pro

01 · The Real Story

This is a hidden side door behind another locked door, not an exposed front gate

CVE-2026-11114 is a use-after-free in Chrome Device Trust on macOS affecting Google Chrome versions before 149.0.7827.53. The public description is important: the attacker must already have compromised the renderer process and then use a crafted HTML page to try to turn that foothold into a sandbox escape. Device Trust itself is an enterprise/browser-management feature used to surface device signals for managed Chrome deployments.

The vendor-style CRITICAL 9.6 framing overshoots reality for enterprise patch triage. In real deployments this is not an initial-access bug; it is a second-stage exploit primitive that only matters after a separate renderer exploit lands, and it is further narrowed by being Mac-only and *likely* most relevant where Device Trust is actually deployed on managed browsers. That combination pushes this down from emergency patch-now territory into meaningful but not fleet-panic risk.

"Treat this as a chain-only Mac browser sandbox escape, not a stand-alone internet fire drill."

02 · The Attack Path

4 steps from start to impact.

STEP 01

Deliver hostile web content

The operator starts with a malicious HTML page or exploit kit page delivered by phishing, ads, or a compromised site. CVE-2026-11114 is not the entry bug here; it needs hostile content plus a separate browser bug chain to get code running in the renderer.

Conditions required:

User browses to attacker-controlled or attacker-influenced content
Target is running Chrome on macOS before 149.0.7827.53

Where this breaks in practice:

Safe Browsing, URL filtering, and user training cut down delivery success
This step still needs a separate renderer compromise path; this CVE alone does not provide it

Detection/coverage: Secure web gateways and browser telemetry can often see the lure or redirect, but they will not identify CVE-2026-11114 specifically.

STEP 02

Compromise the renderer first

The attacker must obtain renderer-process code execution or equivalent control using some other Chrome vulnerability or exploit chain. Chromium's own process model treats the renderer as sandboxed and isolated, which is exactly why this extra step exists.

Conditions required:

A separate, weaponized renderer exploit is available
Exploit reliability is sufficient on the target Mac/Chrome build

Where this breaks in practice:

This is the biggest downward pressure on severity: it assumes the attacker already solved a different browser exploit problem
Modern mitigations, exploit hardening, and version drift reduce reliable renderer exploitation

Detection/coverage: EDR may see a renderer crash/restart pattern or follow-on anomalous child behavior, but signature coverage is weak for bespoke browser exploit chains.

STEP 03

Use Device Trust UAF for sandbox escape

With renderer control established, the attacker attempts to trigger the Device Trust use-after-free described in the Chrome/NVD record to escape the browser sandbox. This is the stage where CVE-2026-11114 becomes relevant: it is a post-renderer sandbox-escape primitive, not a direct remote code execution bug by itself.

Conditions required:

Renderer already compromised
Target is macOS
Affected Chrome build is present

Where this breaks in practice:

Mac-only scope shrinks the reachable fleet
If Device Trust functionality is only active in managed-browser scenarios, the exposed population is narrower still
No public PoC or exploit chain is available at assessment time

Detection/coverage: Generic vulnerability scanners can flag vulnerable Chrome versions on endpoints, but they cannot validate exploitability of this chain stage.

STEP 04

Convert sandbox escape into host impact

If the escape succeeds, the operator can try to reach beyond renderer constraints into broader browser or host-level actions, making credential access, persistence, or follow-on malware execution more plausible. The blast radius is meaningful on the individual endpoint, but it is still bounded by the need for a successful multi-stage chain.

Conditions required:

Successful sandbox escape
Post-exploitation payload or operator tradecraft

Where this breaks in practice:

EDR, application controls, and lack of admin rights can still blunt post-escape objectives
A sandbox escape is serious, but it does not guarantee privileged code execution or domain-wide spread

Detection/coverage: Post-escape activity is where defenders are most likely to win: EDR, behavioral analytics, and identity telemetry have the best chance here.

03 · Intelligence Metadata

The supporting signals.

In-the-wild status	No public active exploitation evidence seen in Chrome/CISA materials reviewed, and not listed in CISA KEV at assessment time.
Public PoC / exploit	No public PoC or exploit repo found. The Chromium issue is present but not publicly useful for exploitation details.
EPSS	`0.00035` from supplied intel; very low expected near-term exploitation pressure. Percentile was not provided in the prompt and was not confirmed from primary-source output during this assessment.
KEV status	Not KEV-listed as of the assessment date; no CISA due date applies.
Vendor score vs vendor-native wording	Prompt supplied CRITICAL 9.6, but the Chrome/NVD description explicitly says Chromium security severity: Medium. That mismatch matters.
CVSS vector interpretation	`CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H` captures the impact if the chain works, but it does not model the explicit prerequisite that the renderer is already compromised.
Affected versions	Google Chrome on macOS before 149.0.7827.53.
Fixed versions	Patched in Chrome 149.0.7827.53 for Mac; the June 2, 2026 stable rollout lists 149.0.7827.53/54 for Windows/Mac.
Scanning / exposure reality	Shodan/Censys/FOFA are not meaningful here because this is a client-side browser bug, not an internet-facing service. Your exposure question is endpoint inventory: which Macs run vulnerable Chrome, and where is Device Trust enabled?
Disclosure / reporter	Disclosed 2026-06-04; Chrome release notes say reported by Google on 2026-04-10.

04 · The Call

noisgate verdict.

Final Verdict

↓ DOWNGRADED to MEDIUM (5.6/10)

The decisive factor is that this CVE requires prior renderer compromise, which makes it a post-initial-access browser exploit stage, not a stand-alone remote compromise path. That prerequisite, plus Mac-only scope and likely narrower relevance where Device Trust is actually in play, cuts the real-world exposed population hard enough to move it out of HIGH/CRITICAL patch-panic territory.

HIGH Affected/fixed version range on macOS

HIGH No KEV listing or public active exploitation evidence at assessment time

MEDIUM Population narrowing from Device Trust feature deployment being enterprise-managed-specific

Why this verdict

Major downward adjustment: requires prior renderer compromise — attacker position is effectively *already inside the browser sandbox*, which implies a separate exploit chain has already succeeded
Further downward adjustment: Mac-only — this immediately removes Windows and Linux endpoints from scope
Likely narrower enterprise population — Device Trust is an admin-configured managed-browser feature, so the affected blast radius is probably smaller than generic Chrome memory corruption bugs
No current exploitation amplifier — not KEV-listed, no public PoC, and supplied EPSS is extremely low
Why it stays MEDIUM — a successful sandbox escape from a compromised renderer is still a meaningful security boundary break on a heavily deployed browser

Why not higher?

If this were a direct unauthenticated renderer RCE or if there were active exploitation / KEV evidence, the verdict would jump. But this CVE is explicitly a second-stage sandbox escape and depends on the attacker first solving a different exploit problem, which is strong real-world friction.

Why not lower?

This is still a security boundary bypass in Chrome on macOS, not harmless hygiene. If an adversary already has renderer compromise, this bug can help turn a contained browser foothold into broader endpoint impact, so dismissing it as LOW or IGNORE would understate what it contributes to a chained attack.

05 · Compensating Control

What to do — in priority order.

Force Chrome auto-update on managed Macs — Use your browser management stack to make sure macOS Chrome moves to 149.0.7827.53+. Because this is a MEDIUM verdict there is no noisgate mitigation SLA; treat this as normal patch governance and complete remediation within the 365-day window.
Inventory Device Trust-enabled browser populations — Identify which managed macOS browsers or managed profiles actually have Device Trust connectors/policies enabled, because that is the most plausible narrowed exposure set. There is no mitigation SLA for MEDIUM, so do this as part of scoped remediation planning inside the 365-day remediation window.
Prioritize risky user groups first — Even without a formal mitigation SLA, move admins, developers, security staff, and executives on Macs to the front of the browser update ring because they are more likely to browse risky content and more costly to compromise. That is a practical sequencing step while staying inside the 365-day remediation window.
Keep EDR and browser telemetry tuned for crash-to-child-process patterns — You are unlikely to detect this specific CVE pre-exploitation, but chained browser exploitation often leaves renderer instability, suspicious spawned processes, or post-browser payload behavior. There is no mitigation SLA for MEDIUM; use this as a detection hardening measure while patching normally.

What doesn't work

WAF or perimeter filtering does not solve this; the vulnerable component is a client browser on the endpoint
MFA does not stop browser memory corruption or sandbox escapes; it only helps if the attacker later tries to abuse identities
Network IDS signatures are weak value here because there is no stable wire signature for a custom hostile HTML + renderer exploit + sandbox-escape chain

06 · Verification

Crowdsourced verification payload.

Run this on the target macOS endpoint or via your Mac management agent. Invoke it as bash check_cve_2026_11114.sh "/Applications/Google Chrome.app"; it needs no root privileges and checks the installed Chrome version against the fixed build 149.0.7827.53.

noisgate-verify.sh

BASHREAD-ONLYSAFE

#!/bin/bash
# check_cve_2026_11114.sh
# Checks whether Google Chrome on macOS is below the fixed version for CVE-2026-11114.
# Exit codes: 0=PATCHED, 1=VULNERABLE, 2=UNKNOWN

set -u

TARGET_APP="${1:-/Applications/Google Chrome.app}"
PLIST="$TARGET_APP/Contents/Info.plist"
FIXED_VERSION="149.0.7827.53"

version_ge() {
  local a b i max
  IFS='.' read -r -a a <<< "$1"
  IFS='.' read -r -a b <<< "$2"
  if [ "${#a[@]}" -gt "${#b[@]}" ]; then
    max="${#a[@]}"
  else
    max="${#b[@]}"
  fi
  for ((i=0; i<max; i++)); do
    local ai="${a[i]:-0}"
    local bi="${b[i]:-0}"
    if ((10#$ai > 10#$bi)); then
      return 0
    elif ((10#$ai < 10#$bi)); then
      return 1
    fi
  done
  return 0
}

if [ "$(uname -s)" != "Darwin" ]; then
  echo "UNKNOWN: This script must be run on macOS."
  exit 2
fi

if [ ! -f "$PLIST" ]; then
  echo "UNKNOWN: Chrome Info.plist not found at $PLIST"
  exit 2
fi

if ! command -v /usr/libexec/PlistBuddy >/dev/null 2>&1; then
  echo "UNKNOWN: /usr/libexec/PlistBuddy not available"
  exit 2
fi

INSTALLED_VERSION="$(/usr/libexec/PlistBuddy -c 'Print :CFBundleShortVersionString' "$PLIST" 2>/dev/null || true)"

if [ -z "$INSTALLED_VERSION" ]; then
  echo "UNKNOWN: Could not read Chrome version from $PLIST"
  exit 2
fi

if version_ge "$INSTALLED_VERSION" "$FIXED_VERSION"; then
  echo "PATCHED: Google Chrome $INSTALLED_VERSION at $TARGET_APP"
  exit 0
else
  echo "VULNERABLE: Google Chrome $INSTALLED_VERSION at $TARGET_APP"
  exit 1
fi

07 · Bottom Line

If you remember one thing.

TL;DR

Monday morning, pull an inventory of macOS endpoints running Chrome below 149.0.7827.53 and separately identify where Device Trust is enabled so you know the real exposed subset. For a MEDIUM verdict there is no noisgate mitigation SLA — go straight to the 365-day remediation window; roll this into your normal Chrome/Mac browser update process and complete patching within the noisgate remediation SLA by 2027-06-04, while giving earlier attention to high-risk Mac user groups because this bug is a useful sandbox-escape building block if attackers already have a renderer exploit.

Sources

Peer Review

What defenders are saying.

Submit a review attribution: handle + country only

0 flags selected · stored anonymously

Validation Results

Crowdsourced verification outputs.

Results submitted by users who ran the verification payload against their environment.