Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2026-9892

Опубликовано: 27 мая 2026
Источник: redhat
CVSS3: 8.7
EPSS Низкий

Описание

Inappropriate implementation in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

An inappropriate implementation flaw was found in the Skia component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=513948178

Отчет

Red Hat Product Security rates the severity of this flaw as determined by the Google Chrome Security Advisory.

Ссылки на источники

Дополнительная информация

Статус:

Critical
Дефект:
CWE-807
https://bugzilla.redhat.com/show_bug.cgi?id=2483103chromium-browser: Inappropriate implementation in Skia

EPSS

Процентиль: 11%
0.00206
Низкий

8.7 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2026-9892

CVSS3: 8.3
ubuntu
29 дней назад

Inappropriate implementation in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

nvd логотип

CVE-2026-9892

CVSS3: 8.3
nvd
29 дней назад

Inappropriate implementation in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

msrc логотип

CVE-2026-9892

msrc
28 дней назад

Chromium: CVE-2026-9892 Inappropriate implementation in Skia

debian логотип

CVE-2026-9892

CVSS3: 8.3
debian
29 дней назад

Inappropriate implementation in Skia in Google Chrome on Android prior ...

github логотип

GHSA-6xx9-x287-3539

CVSS3: 8.3
github
29 дней назад

Inappropriate implementation in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

EPSS

Процентиль: 11%
0.00206
Низкий

8.7 High

CVSS3