← Back to Feed CACHED · 2026-05-17 09:42:19 · cache_key CVE-2025-29912
CVE-2026-11147 · CWE-416 · Disclosed 2026-06-04

Use after free in WebML in Google Chrome on Windows prior to 149

ASSESSED — NOISGATE V0.5
Vendor
Reassessed
Verdict:
01 · The Real Story

This is a burglar getting into the lobby, not the vault

CVE-2026-11147 is a use-after-free in Chrome's WebML component on Windows. A malicious site can trigger memory corruption through crafted HTML and, if exploitation succeeds, execute code inside a sandboxed Chrome process on Windows versions prior to 149.0.7827.53. The available record does not describe host-level code execution, privilege escalation, or sandbox escape as part of this CVE.

The 8.8/HIGH CVSS baseline overstates real enterprise impact because it scores the memory-corruption primitive as if confidentiality, integrity, and availability of the endpoint are directly lost. In practice, the decisive friction is that the attacker lands inside Chrome's sandbox, which Chromium's own severity guidance treats as materially less severe than code execution on the underlying platform. That keeps this in MEDIUM unless you have evidence of exploitation chains, sandbox escapes, or a business case where exposed browser sessions themselves are the crown jewels.

"Drive-by reachable, but the bug lands in Chrome's sandbox, not the host OS"
02 · The Attack Path

4 steps from start to impact.

STEP 01

Lure the user to attacker-controlled content

The attacker needs a Windows user running vulnerable Chrome to load a crafted page that exercises the WebML code path. The delivery mechanism is standard browser initial access: phishing links, malvertising, compromised sites, or embedded third-party content. Weaponized content here is just hostile HTML/JavaScript using the browser feature surface.
Conditions required:
  • Target is on Windows
  • Chrome version is below 149.0.7827.53
  • User opens attacker-controlled or attacker-influenced web content
Where this breaks in practice:
  • Requires user interaction / browsing rather than blind network reachability
  • Enterprise web filtering, Safe Browsing, ad blocking, and link isolation remove a lot of commodity delivery volume
  • This is not an exposed server-side service, so internet-wide opportunistic scanning does not directly cash out
Detection/coverage: Network scanners generally miss this class. Detection is mostly via browser-version inventory, URL telemetry, proxy logs, Safe Browsing alerts, and EDR/browser child-process telemetry.
STEP 02

Trigger WebML memory corruption

The exploit must reliably drive a use-after-free in the WebML component and groom process memory well enough to turn a crash into instruction control. This is the classic browser-exploit problem: converting a bug into stable code execution under modern mitigations. Tooling would typically be a custom exploit script rather than off-the-shelf commodity frameworks.
Conditions required:
  • The vulnerable WebML path is reachable in the target browser build
  • Attacker can shape heap state precisely enough for a reliable exploit
Where this breaks in practice:
  • Browser memory-corruption exploitation is non-trivial even when the bug is reachable
  • No public PoC or exploit repository was found during verification
  • Chrome exploit reliability is weakened by ongoing hardening, crash defenses, and process isolation
Detection/coverage: Vulnerability scanners can only infer exposure from version. EDR may see renderer crashes, repeated browser faults, suspicious JIT behavior, or anomalous renderer child-process patterns, but exploit-specific signatures are usually weak.
STEP 03

Gain code execution inside the renderer sandbox

If exploitation works, the attacker gets arbitrary code execution inside a sandboxed Chrome process. That can still matter: it may allow same-session abuse, origin data access in that process, follow-on exploit staging, or chaining into another local/browser bug. But this CVE by itself is not described as escaping the sandbox.
Conditions required:
  • Successful memory-corruption exploitation in the browser process hosting the vulnerable feature
Where this breaks in practice:
  • The sandbox is the main severity brake here
  • Modern EDR, browser exploit mitigations, and process containment reduce post-exploit freedom
  • Impact is materially narrower than host-level RCE
Detection/coverage: EDR can sometimes catch suspicious shellcode-like behavior in chrome.exe renderer processes, but many products will only flag later-stage activity. Browser telemetry is more useful for version exposure than exploit proof.
STEP 04

Chain to meaningful endpoint compromise

To turn this into a full workstation incident, the attacker usually needs a second vulnerability such as a sandbox escape, privilege escalation, or separate credential theft path. Without that chain, the blast radius is constrained to the compromised browser sandbox context. That gap is why this scores lower than a true browser-to-OS RCE.
Conditions required:
  • A separate sandbox escape or local privilege escalation exists and is usable
  • Defender controls do not block the second stage
Where this breaks in practice:
  • Requires additional bugs or post-exploitation paths not included in this CVE
  • Each extra prerequisite sharply reduces real-world exploit population and reliability
  • Many enterprises catch second-stage behavior even when first-stage browser exploitation is missed
Detection/coverage: Detection improves significantly at this stage: child process launches from Chrome, token theft, LOLBin abuse, persistence, or abnormal broker interaction are all higher-signal than the initial memory bug.
03 · Intelligence Metadata

The supporting signals.

In-the-wild statusNo confirmed exploitation found in the sources reviewed. The NVD entry does not mention active exploitation, and the CVE is not in CISA KEV.
Proof-of-concept availabilityNo public PoC located via verified search. The Chromium issue reference exists but is permission-restricted, and no public GitHub exploit repo surfaced in review.
EPSS0.00071 per the user-provided intel; that is a *very low* predicted 30-day exploitation probability. FIRST's EPSS data model confirms score/percentile semantics, but the exact percentile for this CVE was not directly exposed in the browsable view reviewed.
KEV statusNot KEV-listed as of the CISA KEV catalog page reviewed on 2026-06-05.
CVSS vector and what it really meansCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H assumes major CIA loss after a user browses attacker content. The practical mismatch is that the record says code execution occurs inside a sandbox, so endpoint impact is overstated unless paired with a second-stage escape.
Affected versionsGoogle Chrome on Windows prior to 149.0.7827.53. NVD's affected configuration explicitly ties this CVE to Chrome plus Windows.
Fixed versionsChrome 149.0.7827.53 or later on Windows. Google's June 2, 2026 stable release promoted Chrome 149 to stable and NVD points to that release advisory for this CVE.
Scanning / exposure realityShodan/Censys/FOFA are basically irrelevant here because this is a client-side browser flaw, not a listening network service. Your real exposure count comes from endpoint software inventory, EDR, MDM, or browser enterprise reporting—not internet attack-surface scans.
Disclosure timingDisclosed 2026-06-04 in the CVE record; NVD shows publication on 2026-06-04 and last modification on 2026-06-05.
Researcher / reporterUnknown publicly from the sources reviewed. The linked Chromium issue is access-restricted, and the public Chrome stable-release highlights did not name this CVE's reporter.
04 · The Call

noisgate verdict.

Final Verdict
DOWNGRADED to MEDIUM (6.1/10)

The single biggest severity brake is simple: this bug buys execution in Chrome's sandbox, not native code execution on the Windows host. That keeps it materially below true browser RCE despite the huge browser install base and easy drive-by delivery model.

HIGH Affected version range and patched build
HIGH No-KEV / no confirmed public exploitation status
MEDIUM Operational exploitability of the WebML code path because the Chromium bug is permission-restricted

Why this verdict

  • Sandboxed outcome cuts the score down hard: the published description says arbitrary code runs *inside a sandbox*, not on the endpoint OS.
  • User-browsing requirement adds friction: this is a drive-by/browser-delivery bug, not unauthenticated reachability to an exposed enterprise service.
  • No exploitation signal: not in KEV, no public PoC found, and the provided EPSS is extremely low at 0.00071.
  • Windows-only scope narrows population: Mac, Linux, ChromeOS, and server-side browserless estates are out of scope for this CVE as published.
  • Browser ubiquity keeps it from dropping lower: Chrome is everywhere, and memory corruption in a renderer is still a valid first-stage foothold for exploit chains.

Why not higher?

A higher rating would need evidence that this CVE routinely becomes host compromise, such as a sandbox escape, active exploitation, or a public exploit chain. None of that is present in the verified sources. The record itself confines execution to the sandbox, which is exactly the sort of mitigating factor Chromium says can reduce severity.

Why not lower?

This is still remote, low-complexity, no-auth memory corruption delivered by normal browsing. Even sandboxed browser code execution can expose active session data, enable follow-on exploitation, or act as a chainable first stage, so writing it off as LOW would understate the risk on a large Windows fleet.

05 · Compensating Control

What to do — in priority order.

  1. Inventory vulnerable Chrome builds — Use EDR, MDM, SCCM/Intune, or Chrome enterprise reporting to identify Windows hosts below 149.0.7827.53. For a MEDIUM verdict there is no mitigation SLA — go straight to the 365-day remediation window, but you still need exposure numbers before you can manage rollout rationally.
  2. Force automatic browser updates — Make sure Chrome auto-update is enabled and not blocked by stale enterprise policy, broken update services, or pinned version rings. This is the cleanest control because it removes the vulnerable code path rather than trying to detect exploit behavior after the fact; for this MEDIUM case, use it as part of normal patching and complete remediation within 365 days.
  3. Tighten web delivery controls — Reduce drive-by exposure with URL filtering, Safe Browsing enforcement, ad/tracker blocking where policy allows, and isolation for high-risk browsing populations. These controls are only partial, but they cut the chance a user ever renders the malicious page while you work through the 365-day remediation window.
  4. Watch Chrome child-process abuse — Tune EDR analytics for suspicious chrome.exe behavior such as unexpected child processes, script hosts, LOLBins, credential-store access, or bursty renderer crashes. This does not prevent the memory bug, but it helps catch the second-stage behavior that would matter most if an attacker chained beyond the sandbox during the 365-day remediation window.
  5. Isolate risky user cohorts — Apply stricter browser isolation or hardened browsing profiles to admins, developers, finance, help desk, and users who regularly hit untrusted web content. The value here is blast-radius reduction: if this becomes part of a chain, you want the highest-value sessions least exposed while normal remediation completes within 365 days.
What doesn't work
  • A perimeter vulnerability scan will not meaningfully find or validate this because Chrome is a client application, not a listening service.
  • WAF rules do not help on endpoints browsing arbitrary third-party sites; there is no server-side app you control to shield.
  • Network segmentation alone does not stop the initial exploit because delivery is via normal outbound browsing.
  • Antivirus signatures alone are weak coverage for fresh browser memory-corruption exploits; they may catch payloads later, not the renderer compromise itself.
06 · Verification

Crowdsourced verification payload.

Run this on the target Windows endpoint or through your software-distribution/EDR remote shell. Invoke it with powershell -ExecutionPolicy Bypass -File .\check-chrome-cve-2026-11147.ps1; it needs only normal user rights to read file versions, but local admin helps if you want complete coverage of all install paths.

noisgate-verify.ps1
POWERSHELLREAD-ONLYSAFE
# check-chrome-cve-2026-11147.ps1

# Purpose: Determine whether Google Chrome on Windows is vulnerable to CVE-2026-11147

# Logic: Vulnerable if Chrome version is installed and is lower than 149.0.7827.53

# Output: VULNERABLE / PATCHED / UNKNOWN

# Exit codes: 0=PATCHED, 1=VULNERABLE, 2=UNKNOWN


$ErrorActionPreference = 'SilentlyContinue'

function Get-ChromePaths {
    $paths = @(
        "$Env:ProgramFiles\Google\Chrome\Application\chrome.exe",
        "$Env:ProgramFiles(x86)\Google\Chrome\Application\chrome.exe",
        "$Env:LocalAppData\Google\Chrome\Application\chrome.exe"
    )

    $regPaths = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe'
    )

    foreach ($reg in $regPaths) {
        $p = (Get-ItemProperty -Path $reg).'(default)'
        if ($p) { $paths += $p }
    }

    return $paths | Where-Object { $_ -and (Test-Path $_) } | Select-Object -Unique
}

function Get-VersionObject {
    param([string]$VersionString)
    try {
        return [version]$VersionString
    } catch {
        return $null
    }
}

$fixedVersion = Get-VersionObject '149.0.7827.53'
$chromePaths = Get-ChromePaths

if (-not $chromePaths -or $chromePaths.Count -eq 0) {
    Write-Output 'UNKNOWN: Google Chrome not found in common paths or registry.'
    exit 2
}

$foundAny = $false
$foundVulnerable = $false
$details = @()

foreach ($path in $chromePaths) {
    $file = Get-Item $path
    if (-not $file) { continue }

    $verString = $file.VersionInfo.ProductVersion
    if (-not $verString) { $verString = $file.VersionInfo.FileVersion }

    if (-not $verString) {
        $details += "UNKNOWN version at $path"
        continue
    }

    $ver = Get-VersionObject $verString
    if (-not $ver) {
        $details += "UNKNOWN parse failure at $path ($verString)"
        continue
    }

    $foundAny = $true

    if ($ver -lt $fixedVersion) {
        $foundVulnerable = $true
        $details += "VULNERABLE at $path ($ver)"
    } else {
        $details += "PATCHED at $path ($ver)"
    }
}

if (-not $foundAny) {
    Write-Output 'UNKNOWN: Chrome found, but version could not be determined.'
    $details | ForEach-Object { Write-Output $_ }
    exit 2
}

if ($foundVulnerable) {
    Write-Output 'VULNERABLE'
    $details | ForEach-Object { Write-Output $_ }
    exit 1
}

Write-Output 'PATCHED'
$details | ForEach-Object { Write-Output $_ }
exit 0
07 · Bottom Line

If you remember one thing.

TL;DR
Monday morning: treat this as broad but not urgent Windows browser hygiene, not a drop-everything incident. Pull a version-based list of Windows Chrome installs, validate that auto-update is functioning, and roll vulnerable hosts into your next normal browser patch wave; for a MEDIUM verdict there is no noisgate mitigation SLA — go straight to the 365-day remediation window, and the noisgate remediation SLA is ≤ 365 days. If you discover separate evidence of active exploitation, a public exploit chain, or a paired sandbox escape, reclassify immediately and accelerate far beyond this schedule.

Sources

  1. NVD CVE-2026-11147
  2. Google Chrome stable channel update for Desktop - June 2, 2026
  3. Google Chrome early stable update for Desktop - May 29, 2026
  4. Chromium severity guidelines
  5. Chrome sandbox diagnostics for Windows
  6. Chromium memory safety overview
  7. FIRST EPSS data and statistics
  8. CISA Known Exploited Vulnerabilities catalog
Peer Review

What defenders are saying.

Submit a review attribution: handle + country only
0 flags selected · stored anonymously
Validation Results

Crowdsourced verification outputs.

Results submitted by users who ran the verification payload against their environment.