CVE-2026-10889: Critical ANGLE Sandbox Escape in Google Chrome – Patch to 149.0.7827.53
A memory reading flaw in Chrome's ANGLE graphics library can let an attacker who has already gained control of the browser's rendering process break out of the Chrome sandbox and access the underlying system. The attack requires a specially crafted web page and user interaction, but once the renderer is compromised, this vulnerability opens a direct path to full system compromise. Chrome versions before 149.0.7827.53 are affected.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 8.3 HIGH · CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
- Weaknesses (CWE)
- CWE-125
- Affected products
- 4 configuration(s)
- Published / Modified
- 2026-06-04 / 2026-06-17
NVD description (verbatim)
Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
2 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
CVE-2026-10889 is an out-of-bounds read vulnerability in ANGLE (Almost Native Graphics Layer Engine), the graphics abstraction layer used by Google Chrome. The flaw is triggered when processing malformed graphics commands via a crafted HTML page. An attacker who has already compromised the Chrome renderer process can exploit this to read memory outside allocated buffers, potentially leaking sensitive data or crafting further exploits. The vulnerability enables sandbox escape, meaning code executing in the restricted renderer context can break containment and execute with the privileges of the host operating system. This is classified as CWE-125 (Out-of-bounds Read), and Google assessed it as Critical severity at the Chromium level.
Business impact
This vulnerability represents a critical escalation risk in multi-stage attacks. While it requires the attacker to first compromise the renderer process (via malicious script injection, malicious ad delivery, or drive-by download), the sandbox escape capability means secondary malware deployed through this path gains system-level access without user elevation prompts. Organizations heavy on browser-based workflows face risk of data exfiltration, lateral movement, and persistence mechanisms planted at the OS level. The attack surface is broad because it only requires a user to visit a malicious or compromised website.
Affected systems
Google Chrome prior to version 149.0.7827.53 is directly affected. The vulnerability impacts Chrome on Windows, macOS, and Linux distributions. Web browsers on these operating systems and any Chromium-based browsers (Edge, Opera, Brave, etc.) that have not applied equivalent patches may also be vulnerable, though official patch guidance should be verified for each vendor. iOS and Android Chrome may have separate patch schedules.
Exploitability
Exploitation requires two prerequisites: first, an attacker must successfully compromise the Chrome renderer process (via script injection, malicious content, or similar vector), and second, the victim must view a page containing the crafted exploit payload. The CVSS vector reflects high impact but intermediate attack complexity due to these prerequisites. While the barrier to initial renderer compromise exists, the subsequent sandbox escape is reliable once triggered, making this particularly dangerous in targeted or high-volume campaign scenarios. No public exploit code is known to be in active use as of the advisory publication.
Remediation
Immediately update Google Chrome to version 149.0.7827.53 or later. For Chromium-based browsers and derivative products, consult vendor advisories for equivalent patch versions. Organizations using managed Chrome deployments should push updates via device management policies. Verify patch deployment before assuming protection, as ANGLE is a core graphics component and requires full browser restart to load patched code. Consider temporary browser usage restrictions for high-risk users pending patch deployment.
Patch guidance
Google Chrome updates are typically deployed automatically, but users and administrators should verify installation by navigating to chrome://settings/help, which will display the current version and trigger update checks. Patches typically roll out over several days; expedited deployment through enterprise policy (Chrome Enterprise or similar) may be necessary for sensitive environments. Test patch compatibility with any organization-specific browser extensions or policies before broad rollout. Ensure users restart their browser fully; simply closing tabs does not unload the vulnerable ANGLE library. For unmanaged environments, educate users to enable automatic updates and restart when prompted.
Detection guidance
Monitor for indicators of renderer process compromise as a precursor: look for suspicious JavaScript execution, unexpected process spawning from Chrome, or unusual system calls from chrome.exe/chrome processes. Post-compromise, detect sandbox escape attempts by monitoring for process privilege escalation events, creation of child processes with SYSTEM or administrator tokens from browser-spawned processes, and file access outside expected browser directories. EDR/XDR platforms should alert on out-of-bounds memory access patterns and graphics driver anomalies. Network detection is limited since the exploit is local once renderer is compromised; focus on command-and-control beaconing or lateral movement that follows sandbox escape. Log Chrome renderer crashes, which may indicate failed exploitation attempts.
Why prioritize this
Assign this vulnerability high priority for immediate patching. Although it requires prior renderer compromise, sandbox escape vulnerabilities are strategically valuable in advanced attacks because they eliminate a key security boundary. Organizations should prioritize Chrome patch deployment above routine updates. The attack surface spans any internet-connected user on Windows, macOS, or Linux; widespread deployment of Chrome elevates organizational risk. While not yet in active exploitation at scale, the combination of ease-of-use and system-level impact makes it attractive to motivated threat actors.
Risk score, explained
The CVSS 3.1 score of 8.3 (HIGH) reflects high confidentiality, integrity, and availability impact due to the sandbox escape capability, but is tempered by moderate attack complexity (the renderer must first be compromised) and requirement for user interaction. The score does not capture the full strategic risk of sandbox escape—which from a defense perspective is often more critical than the individual CVSS number suggests. An organization's actual risk depends heavily on whether users regularly visit untrusted websites and on the maturity of endpoint detection and response (EDR) capabilities.
Frequently asked questions
Do I need to restart my browser after updating Chrome?
Yes. Restarting the entire Chrome browser process is necessary to unload the vulnerable ANGLE library and load the patched version. Closing individual tabs or windows is not sufficient. Most users will see an update notification and should restart their browser when prompted.
Is this vulnerability exploited in the wild?
As of the advisory publication date, this vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog and no public active exploitation has been reported. However, given its critical nature and sandbox escape capability, proactive patching is strongly advised rather than waiting for evidence of in-the-wild use.
Do I need to update Chromium-based browsers like Edge or Brave?
Chromium-based browsers use the same ANGLE graphics library, so they are potentially vulnerable to variants of this issue. Check your browser's security advisories and update to the equivalent patched version. Each vendor (Microsoft for Edge, Brave Software for Brave, etc.) issues their own patch schedule and version numbers.
What does 'sandbox escape' mean and why is it so serious?
Chrome runs web content in a restricted process (the renderer) with limited system permissions as a security boundary. A sandbox escape means an attacker can break out of that restriction and execute code with the full privileges of the user or system. This allows malware deployed via a malicious website to persist, steal data, and move laterally through the network without additional authentication steps.
This analysis is provided for informational purposes. Patch versions and vendor guidance referenced herein should be verified against official Google Chrome security advisories and vendor statements. CVSS scores are provided by the source data and represent one aspect of risk assessment; actual organizational risk may vary based on attack surface, detection capabilities, and business context. No exploit code or weaponized proof-of-concept is provided in this document. Organizations should consult their security operations and vendor support teams for environment-specific remediation timelines and compatibility testing. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2026-10927HIGHChrome Sandbox Escape via Dawn Out-of-Bounds Read
- CVE-2026-10941HIGHSkia Out-of-Bounds Memory Vulnerability in Chrome – Urgent Patch Required
- CVE-2026-11015HIGHCritical Chrome WebGPU Out-of-Bounds Read Vulnerability
- CVE-2026-10998MEDIUMChrome Media Out-of-Bounds Memory Read Vulnerability
- CVE-2026-11004MEDIUMChrome ANGLE Out-of-Bounds Read Memory Disclosure
- CVE-2026-11006MEDIUMChrome Out-of-Bounds Read in Dawn Graphics API—Urgent Patch Required
- CVE-2026-10001HIGHChrome Sandbox Escape via PerformanceManager Use-After-Free
- CVE-2026-10002HIGHGoogle Chrome PDFium Use-After-Free Vulnerability (CVSS 8.8)