
CVE-2026-14152 is an out-of-bounds read and write vulnerability in ANGLE (Almost Native Graphics Layer Engine) in Google Chrome. It affects all Chrome versions prior to 150.0.7871.47 on Windows, Mac, and Linux. A remote attacker who has already compromised the renderer process can exploit this flaw via a crafted HTML page to potentially escape the renderer sandbox. The vulnerability was published on June 30, 2026, and is rated Low severity by Chromium's internal security team; a formal CVSS base score has not yet been assigned (GitHub Advisory, Chrome Releases).
The vulnerability is classified as CWE-787 (Out-of-bounds Write), with CWE-125 (Out-of-bounds Read) as an additional estimated classification. It resides in Chrome's ANGLE graphics abstraction layer, which translates OpenGL ES API calls to platform-specific graphics APIs. An attacker who has already achieved renderer process compromise can trigger out-of-bounds memory reads and writes through a specially crafted HTML page, potentially leveraging this to break out of the renderer sandbox. Exploitation requires a pre-existing renderer compromise as a precondition, making this a second-stage or chained exploit primitive rather than a standalone remote code execution vector. The Chromium issue tracker entry is issue #517534944 (GitHub Advisory, Chrome Releases).
Successful exploitation allows an attacker who has already compromised the Chrome renderer process to perform a sandbox escape, potentially gaining code execution at a higher privilege level on the host system. This could enable access to sensitive data outside the browser sandbox, persistence mechanisms, or further lateral movement within the affected system. The practical impact is contingent on the attacker first achieving renderer compromise through a separate vulnerability (GitHub Advisory).
Google has addressed this vulnerability in Chrome 150.0.7871.47 (Windows/Mac) and 150.0.7871.46 (Linux), released on June 30, 2026. Users and administrators should update Chrome to version 150.0.7871.47 or later immediately. As an additional control, organizations can implement network-level restrictions to limit user access to untrusted or unknown websites that could serve as initial exploitation vectors for renderer compromise (Chrome Releases, GitHub Advisory).
Source: This report was generated using AI