CVE-2026-11154 · Use after free in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potenti

01 · The Real Story

Like finding a weak hinge on the vault door after the robber is already inside the bank

CVE-2026-11154 is a use-after-free in Chrome's Dawn graphics/WebGPU path affecting Chrome before 149.0.7827.53; vendor advisories show fixed builds as 149.0.7827.53 for Linux and 149.0.7827.53/54 for Windows/macOS. The published description is the important part: the attacker must first have already compromised the renderer process, then use a crafted HTML page to try to turn that foothold into a sandbox escape.

The vendor's 7.5 / HIGH overstates operational urgency for enterprise patch triage. In reality this is a post-renderer-compromise chain component in a very widely deployed product: important, yes, but not equivalent to a direct remote code execution bug that lands from the internet by itself. Chromium itself labels the bug's internal security severity as Medium, and that tracks better with how defenders should prioritize it.

"This is a second-stage Chrome escape, not a one-click internet-facing fire drill."

02 · The Attack Path

4 steps from start to impact.

STEP 01

Land a renderer foothold first

The attacker needs a separate browser exploit or equivalent technique to gain code execution/control inside Chrome's sandboxed renderer. CVE-2026-11154 is not the initial access bug; it is the follow-on component that matters only after the renderer is already compromised.

Conditions required:

User visits attacker-controlled content or otherwise renders attacker-controlled web data
A separate renderer compromise exists and succeeds first
Target is running Chrome prior to 149.0.7827.53/54

Where this breaks in practice:

This prerequisite alone removes the vast majority of normal enterprise browser sessions from exposure
Modern Chrome exploit chains usually need multiple reliable bugs, not just this one
EDR/browser hardening will often catch the first-stage crash or anomalous child-process behavior before a full chain succeeds

Detection/coverage: Version scanners can flag susceptible Chrome builds, but they cannot prove exploitability because the real gate is the separate renderer compromise.

STEP 02

Reach Dawn via crafted HTML/WebGPU activity

Once inside the renderer, the attacker exercises the vulnerable Dawn code path using crafted page content. Dawn sits in Chrome's graphics stack, so exploitation likely depends on hitting a specific feature path rather than merely opening any page.

Conditions required:

Dawn/WebGPU-relevant code path is reachable in the target browsing context
Attacker can drive the renderer with crafted HTML/script content after compromise

Where this breaks in practice:

Feature-path dependence reduces reliable reach across arbitrary browsing sessions
Enterprise browser policies may disable or restrict advanced graphics features for some populations
Exploit reliability for memory-lifetime bugs is often brittle across hardware/driver combinations

Detection/coverage: Very limited. Telemetry may show renderer/GPU instability or repeated tab crashes, but commodity scanners will not validate this path.

STEP 03

Convert the UAF into cross-process impact

The attacker must turn the use-after-free into a controlled memory corruption primitive that crosses the browser's intended security boundary. The published impact is potential sandbox escape, which means this step is the hard part: converting a memory bug into something that breaks containment.

Conditions required:

Reliable heap shaping or memory corruption primitive
Exploit chain that survives Chrome mitigations and process isolation

Where this breaks in practice:

Chrome's sandboxing, Site Isolation, and process separation are specifically designed to limit damage from compromised renderers
Attack complexity is explicitly rated High in the published CVSS vector
No public in-the-wild exploitation or public PoC was found in the sourced material

Detection/coverage: Detection is mostly behavioral: browser crashes, exploit-prevention alerts, or EDR memory-corruption telemetry. There is no strong signature-based coverage for the CVE itself.

STEP 04

Abuse the escaped context

If the sandbox escape succeeds, the attacker can move beyond renderer-only constraints and pursue data theft, persistence staging, or deeper endpoint compromise. That is why the issue still matters even though it is not a first-hop bug.

Conditions required:

Successful sandbox escape
Endpoint controls fail to stop post-escape actions

Where this breaks in practice:

Post-escape behavior runs into EDR, application control, OS exploit mitigations, and enterprise identity controls
Impact is endpoint-local rather than a wormable fleet-wide remote event

Detection/coverage: EDR has the best chance here: suspicious process injection, token abuse, or abnormal browser child-process activity after the escape.

03 · Intelligence Metadata

The supporting signals.

In-the-wild status	No evidence of active exploitation in the sourced material. The CVE record shows SSVC `Exploitation: none`, and the public Chrome release notes do not flag it as exploited.
KEV status	Not listed in the CISA KEV catalog as of 2026-06-06.
EPSS	0.00035 with 0.10818 percentile in the CVE record mirror, which is extremely low for near-term wild exploitation prediction.
Proof-of-concept availability	No public PoC located in the sourced material. Bug details remain restricted in Google's tracker, which is normal for fresh Chrome memory-safety fixes.
Vendor vs Chromium severity	CISA-ADP/NVD display 7.5 HIGH, but the Chrome CNA description explicitly says `Chromium security severity: Medium`. For patch triage, Chromium's internal rating better matches the real attack path.
CVSS vector interpretation	`CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H` means internet-deliverable content, high complexity, user interaction required, and high endpoint impact if exploitation works. The hidden catch is the text prerequisite: renderer compromise first.
Affected versions	Chrome prior to 149.0.7827.53 per the CVE record; advisories show desktop fixed builds at 149.0.7827.53 Linux and 149.0.7827.53/54 Windows/macOS.
Fixed versions / downstream notes	Patch is in Chrome 149.0.7827.53/54. Chromium-based downstreams typically inherit upstream fixes on their next rebases; validate vendor-specific backports separately rather than assuming same-day uptake.
Scanning / exposure reality	This is a client-side browser flaw, so Shodan/Censys/FOFA-style external exposure data is largely irrelevant. Your true exposure is your managed Chrome population and update lag, not internet-facing service count.
Disclosure / reporter	Published 2026-06-04; Chrome release notes show it was reported by Google on 2026-04-12.

04 · The Call

noisgate verdict.

Final Verdict

↓ DOWNGRADED to MEDIUM (5.4/10)

The decisive factor is the published prerequisite that the attacker must have already compromised the renderer process. That makes this a second-stage browser escape component, not a direct internet-to-endpoint compromise path, which sharply reduces both exposed population and practical exploit frequency despite Chrome's large footprint.

HIGH Renderer-compromise prerequisite materially lowers real-world urgency

MEDIUM Likely impact if chained successfully is serious endpoint compromise

Why this verdict

Renderer compromise required: start from the vendor's 7.5, then subtract hard because the attacker already needs a prior exploit stage inside the sandboxed renderer. That implies this CVE is post-initial-compromise in the browser threat model, not raw unauthenticated internet reachability.
High complexity and user interaction: subtract again because the vector already says AC:H and UI:R, and the CVE text adds a non-trivial chain dependency. This is not something commodity opportunistic actors spray at scale with confidence.
Chrome ubiquity keeps it above LOW: add some weight back because Chrome is everywhere, and a working sandbox escape meaningfully upgrades a renderer foothold into a real endpoint problem for high-value users.

Why not higher?

There is no KEV listing, no sourced public exploitation, and no sourced public PoC. More importantly, the attack path assumes a prior renderer compromise, which is a compounding friction point that sharply narrows the reachable population compared with first-stage browser RCEs.

Why not lower?

A sandbox escape in Chrome is still strategically valuable because it can convert a contained renderer foothold into broader host impact. In a targeted intrusion against developers, admins, or executives, this kind of second-stage browser bug absolutely matters even if it is not fleet-panic material.

05 · Compensating Control

What to do — in priority order.

Verify browser auto-update health — Confirm managed endpoints are actually receiving Chrome stable updates and are not pinned behind broken update channels or frozen package repos. For a MEDIUM verdict there is no mitigation SLA, but this should still be checked in the next normal maintenance cycle because stale browsers turn chainable bugs into standing exposure.
Restrict WebGPU/Dawn where business allows — Use enterprise browser policy to disable or limit WebGPU/graphics-heavy feature exposure for higher-risk user groups if you already run restrictive browser baselines. There is no mitigation SLA for this rating; treat it as optional hardening while patch adoption catches up.
Prioritize high-risk user rings — Push patched Chrome builds first to admins, developers, security staff, and executives who are most likely to face targeted browser exploitation chains. Even without a mitigation SLA, ring-based acceleration reduces the value of second-stage browser escapes.
Watch for browser crash clusters — Mine EDR, crash telemetry, and browser stability data for spikes in renderer/GPU crashes on pre-patch builds. Repeated instability around crafted-content browsing is one of the few practical early signals for memory-corruption attempts in this class.

What doesn't work

A WAF does not help; the vulnerable code executes in the client browser, not on your web tier.
External attack-surface scanning does not help; this is not an internet-facing server exposure problem.
Email filtering alone is incomplete; even if phishing is one delivery route, the real issue is a browser exploit chain after the user renders attacker-controlled content.

06 · Verification

Crowdsourced verification payload.

Run this on the target endpoint itself or through your EDR live-response shell. Invoke with python3 chrome_cve_2026_11154_check.py on macOS/Linux or py chrome_cve_2026_11154_check.py on Windows; standard user rights are usually enough because the script only reads local version information from common install paths and the Windows registry.

noisgate-verify.py

PYTHONREAD-ONLYSAFE

#!/usr/bin/env python3
# CVE-2026-11154 Chrome version check
# Output: VULNERABLE / PATCHED / UNKNOWN
# Exit codes: 0=PATCHED, 1=VULNERABLE, 2=UNKNOWN

import os
import platform
import re
import subprocess
import sys

TARGET_LINUX = (149, 0, 7827, 53)
TARGET_WINDOWS = (149, 0, 7827, 53)
TARGET_MAC = (149, 0, 7827, 54)


def parse_version(text):
    m = re.search(r'(\d+)\.(\d+)\.(\d+)\.(\d+)', text or '')
    if not m:
        return None
    return tuple(int(x) for x in m.groups())


def run_cmd(cmd):
    try:
        p = subprocess.run(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True, timeout=10)
        out = (p.stdout or '') + ' ' + (p.stderr or '')
        return out.strip()
    except Exception:
        return ''


def compare(v1, v2):
    if v1 is None:
        return None
    return (v1 > v2) - (v1 < v2)


def get_windows_version():
    candidates = []
    reg_queries = [
        ["reg", "query", r"HKLM\Software\Google\Chrome\BLBeacon", "/v", "version"],
        ["reg", "query", r"HKCU\Software\Google\Chrome\BLBeacon", "/v", "version"],
        ["reg", "query", r"HKLM\Software\WOW6432Node\Google\Chrome\BLBeacon", "/v", "version"],
    ]
    for q in reg_queries:
        out = run_cmd(q)
        v = parse_version(out)
        if v:
            candidates.append(("registry", v))

    exe_paths = [
        os.path.expandvars(r"%ProgramFiles%\Google\Chrome\Application\chrome.exe"),
        os.path.expandvars(r"%ProgramFiles(x86)%\Google\Chrome\Application\chrome.exe"),
        os.path.expandvars(r"%LocalAppData%\Google\Chrome\Application\chrome.exe"),
    ]
    for path in exe_paths:
        if path and os.path.exists(path):
            out = run_cmd([path, "--version"])
            v = parse_version(out)
            if v:
                candidates.append((path, v))

    return candidates[0] if candidates else (None, None)


def get_macos_version():
    paths = [
        "/Applications/Google Chrome.app/Contents/MacOS/Google Chrome",
        os.path.expanduser("~/Applications/Google Chrome.app/Contents/MacOS/Google Chrome"),
    ]
    for path in paths:
        if os.path.exists(path):
            out = run_cmd([path, "--version"])
            v = parse_version(out)
            if v:
                return (path, v)
    return (None, None)


def get_linux_version():
    cmds = [
        ["google-chrome", "--version"],
        ["google-chrome-stable", "--version"],
        ["chromium", "--version"],
        ["chromium-browser", "--version"],
    ]
    for cmd in cmds:
        out = run_cmd(cmd)
        v = parse_version(out)
        if v:
            return (' '.join(cmd), v)
    return (None, None)


def main():
    system = platform.system().lower()
    source, version = (None, None)
    target = None

    if 'windows' in system:
        source, version = get_windows_version()
        target = TARGET_WINDOWS
    elif 'darwin' in system or 'mac' in system:
        source, version = get_macos_version()
        target = TARGET_MAC
    elif 'linux' in system:
        source, version = get_linux_version()
        target = TARGET_LINUX
    else:
        print('UNKNOWN: unsupported platform {}'.format(platform.system()))
        sys.exit(2)

    if version is None:
        print('UNKNOWN: could not determine installed Chrome/Chromium version')
        sys.exit(2)

    cmp_result = compare(version, target)
    version_str = '.'.join(str(x) for x in version)
    target_str = '.'.join(str(x) for x in target)

    if cmp_result < 0:
        print('VULNERABLE: detected version {} from {} ; requires >= {}'.format(version_str, source, target_str))
        sys.exit(1)
    else:
        print('PATCHED: detected version {} from {} ; required >= {}'.format(version_str, source, target_str))
        sys.exit(0)


if __name__ == '__main__':
    main()

07 · Bottom Line

If you remember one thing.

TL;DR

Monday morning, treat this as a managed-browser hygiene patch with chain-risk, not as a stop-everything emergency. Because the reassessed verdict is MEDIUM, there is no noisgate mitigation SLA — go straight to the 365-day remediation window; practically, verify Chrome auto-update health now, push 149.0.7827.53/54 through normal browser rings, and clean up laggards well before the noisgate remediation SLA of ≤365 days. If you already maintain a hardened browser policy for high-risk users, optionally disable or restrict WebGPU/Dawn there while patch adoption finishes, but do not let this displace true first-hop browser zero-days.

Sources

Peer Review

What defenders are saying.

Submit a review attribution: handle + country only

0 flags selected · stored anonymously

Validation Results

Crowdsourced verification outputs.

Results submitted by users who ran the verification payload against their environment.