CVE-2026-11158: macOS Chrome Sandbox Escape via AppleScript Input Validation Flaw
A vulnerability in Google Chrome's download handling on macOS allows a local attacker to potentially escape Chrome's sandbox protection using a specially crafted AppleScript command. The issue stems from insufficient validation of user-supplied input. An attacker with local access to an affected Mac could exploit this to break out of the browser sandbox and gain elevated system privileges, though user interaction (such as clicking on a malicious download link or AppleScript trigger) is required.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 8.6 HIGH · CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
- Weaknesses (CWE)
- CWE-20
- Affected products
- 2 configuration(s)
- Published / Modified
- 2026-06-04 / 2026-06-17
NVD description (verbatim)
Insufficient validation of untrusted input in Downloads in Google Chrome on Mac prior to 149.0.7827.53 allowed a local attacker to potentially perform a sandbox escape via a crafted AppleScript command. (Chromium security severity: Medium)
2 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
CVE-2026-11158 is an input validation flaw (CWE-20) in the Downloads component of Google Chrome on macOS versions prior to 149.0.7827.53. The vulnerability allows local privilege escalation through a sandbox escape when an attacker crafts a malicious AppleScript command that bypasses validation checks. The attack vector is local, requires no special privileges to initiate, but does require user interaction. The resulting compromise allows arbitrary code execution with Chrome's system-level permissions, potentially affecting confidentiality, integrity, and availability of the affected system.
Business impact
This vulnerability poses significant risk to organizations with macOS-based workforces using Chrome. A successful exploit could allow attackers to bypass Chrome's sandbox isolation, potentially leading to unauthorized access to system resources, sensitive data exfiltration, lateral movement to other systems on the network, or deployment of malware. Organizations that rely on Chrome's sandbox as a security boundary should treat this as a critical remediation priority. Supply chain scenarios are also concerning: an attacker could distribute a seemingly benign file or AppleScript that triggers the vulnerability when downloaded through Chrome.
Affected systems
Google Chrome on Apple macOS is affected prior to version 149.0.7827.53. This includes all macOS versions running vulnerable Chrome releases. The vulnerability is specific to the macOS platform due to its reliance on AppleScript commands; Windows and Linux Chrome versions are not affected. Organizations should inventory Chrome deployments on Mac systems and prioritize patching immediately.
Exploitability
While the Chromium project classified this as Medium severity, the CVSS 3.1 score of 8.6 (HIGH) reflects the serious sandbox-escape nature of the flaw. Exploitation requires local access to the affected system and user interaction (UI requirement in the CVSS vector), which somewhat limits widespread remote exploitation. However, the low complexity (AC:L) and no privilege requirement (PR:N) mean that any local user can potentially trigger the attack if they can convince another user to interact with a malicious file or link. The scope change (S:C) indicates that impact extends beyond the vulnerable component to the entire system. The vulnerability is not currently listed on the CISA Known Exploited Vulnerabilities catalog, but this does not guarantee lack of active exploitation.
Remediation
Immediately update Google Chrome to version 149.0.7827.53 or later. macOS users should enable automatic Chrome updates or manually check Settings > About Google Chrome to trigger an update. IT administrators managing Chrome deployments should push this update through their device management tools (MDM/EMM) as a priority. After patching, verify that Chrome has fully restarted to ensure the new version is running. For environments that cannot immediately patch, consider restricting Chrome usage or implementing additional monitoring for suspicious local activity and AppleScript execution.
Patch guidance
Google Chrome on macOS will automatically update to version 149.0.7827.53 or later if auto-updates are enabled. To manually verify patching: open Chrome, navigate to Settings > About Google Chrome, and check the installed version number against 149.0.7827.53. The browser will automatically restart if an update is available and ready. For managed deployments, refer to Google's Chrome Enterprise release notes and MDM update policies to ensure rollout to all managed devices. Test the patch in a non-production environment before wide deployment if your organization has custom Chrome configurations or extensions.
Detection guidance
Monitor for suspicious AppleScript execution on macOS systems, particularly those involving Chrome or file download operations. Look for process execution events where AppleScript (osascript) is launched with arguments referencing Downloads directories or file manipulation commands. Endpoint Detection and Response (EDR) solutions should alert on AppleScript spawning processes with elevated privileges or system access. In Chrome's logs, watch for unusual download events combined with subsequent system calls or sandbox violation indicators. Organizations without EDR should enable System Integrity Protection (SIP) on macOS to provide an additional sandbox enforcement layer.
Why prioritize this
This vulnerability merits immediate patching due to the combination of high CVSS score (8.6), sandbox-escape capability, local attack vector, and moderate exploitability barriers (user interaction required). While not yet in active public exploitation, the technical simplicity and macOS-specific nature mean that working exploits could emerge quickly. The comprehensive impact on system confidentiality, integrity, and availability (all marked 'High' in CVSS) makes this a critical risk to Chrome users on macOS.
Risk score, explained
The CVSS 3.1 score of 8.6 reflects the severe impact of a successful sandbox escape: an attacker gains the ability to execute arbitrary code with Chrome's privileges and potentially escalate to system level. The local attack vector (AV:L) and required user interaction (UI:R) prevent this from being rated critical (9.0+), but the scope change from 'Unchanged' to 'Changed' (S:C) and high impact across all three security properties (C:H, I:H, A:H) elevate this to HIGH severity. For comparison, this score aligns with vulnerabilities that can result in complete system compromise if the preconditions are met.
Frequently asked questions
Does this vulnerability affect Chrome on Windows or Linux?
No. This vulnerability is specific to macOS due to its dependence on AppleScript command handling. Chrome on Windows and Linux is not affected. However, all macOS users running Chrome versions prior to 149.0.7827.53 should update immediately.
What happens if I don't update Chrome?
An attacker with local access to your Mac could potentially craft a malicious AppleScript and distribute it via a download link or file. If you interact with it (which requires user action), the attacker could escape Chrome's sandbox and gain the ability to access your system files, steal data, install malware, or compromise your entire device.
Can this be exploited remotely?
No, this vulnerability requires local access to the affected macOS system. It cannot be exploited over a network alone. However, an attacker could distribute malicious files or links via email or web that, when a user downloads and interacts with them locally, trigger the vulnerability.
Is automatic Chrome updating sufficient, or do I need to do anything manually?
If you have Chrome's automatic updates enabled (the default setting), your browser will update to the patched version automatically and restart. You can verify the update by going to Settings > About Google Chrome. If you prefer manual control or manage Chrome in a corporate environment, check with your IT department or manually verify the version matches 149.0.7827.53 or later.
This analysis is provided for informational purposes to assist security professionals in vulnerability assessment and remediation planning. SEC.co makes no warranty regarding the completeness or accuracy of this intelligence. Verify all patch versions, CVSS scores, and vendor guidance directly against official vendor advisories and release notes before making deployment decisions. Actual exploitability and business risk may vary based on organizational factors, endpoint configuration, and threat model. Always test patches in a controlled environment before wide deployment. Source: NVD (public-domain), retrieved 2026-07-13. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2026-10021HIGHGoogle Chrome USB Validation Flaw – RCE Vulnerability Patch
- CVE-2026-10904HIGHChrome V8 Sandbox Escape Remote Code Execution
- CVE-2026-10911HIGHChrome Sandbox Escape Vulnerability (High Severity)
- CVE-2026-10917HIGHChrome Media Sandbox Escape Vulnerability (High CVSS 8.3)
- CVE-2026-10920HIGHChrome macOS WebShare Sandbox Escape Vulnerability (v149)
- CVE-2026-10922HIGHChrome DevTools Same-Origin Policy Bypass (CVSS 8.8)
- CVE-2026-10969HIGHChrome Extension Privilege Escalation Vulnerability – Patch Guidance
- CVE-2026-10970HIGHChrome Sandbox Escape via InterestGroups Input Validation Flaw