Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.6
Google Chrome GPU Vulnerability: Sandbox Escape Risk
DEBIAN-CVE-2026-9967
Summary
Prior to version 148.0.7778.216, Google Chrome's GPU feature had a security issue that could be exploited by a malicious website to break out of its security sandbox and potentially take control of your computer. This is a significant risk because it could allow attackers to steal sensitive information or install malware on your device. To protect yourself, make sure to update Google Chrome to the latest version.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Debian:11 | debian | chromium | All versions |
| Debian:12 | debian | chromium | All versions |
| Debian:13 | debian | chromium | All versions |
| Debian:14 | debian | chromium | All versions |
Original title
Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Original description
Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
osv CVSS3.1
9.6
- https://security-tracker.debian.org/tracker/CVE-2026-9967 Vendor Advisory
Published: 28 May 2026 · Updated: 30 May 2026 · First seen: 30 May 2026