CVE-2026-10968: Insufficient validation of untrusted input in Dawn in Google Chrome on Windows prior to 149
Insufficient validation of untrusted input in Dawn in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
Metrics
- CVSS v3.1: 7.4
- Severity: HIGH
- Fixed in: 149.0.7827.53
- Affected Products: 1
HarborGuard Analysis
Synopsis
This is an insufficient input validation vulnerability in the Dawn graphics component of Google Chrome on Windows, affecting versions prior to 149.0.7827.53. It is reachable over the network and requires no authentication, but does require a victim to interact with a crafted HTML page; additionally, the attacker must have already compromised the renderer process. Successful exploitation allows the attacker to leak cross-origin data, meaning they can read data from web origins other than the one the victim is browsing. A patched-image rebuild at version 149.0.7827.53 is available on HarborGuard for affected environments.
HarborGuard Coverage
Detection capability is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against all customer images in connected registries and CI/CD pipelines, including custom-built images that bundle Chrome or Chromium. Coverage applies to both tagged releases and intermediate build layers. Status: Available
HarborGuard scores this finding at CVSS 7.4 (High) and weights it against each environment's configured compliance policy, surfacing it to the appropriate team inbox within the customer org. Per-environment context, such as whether Chrome is bundled in a container exposed to external traffic, is factored into prioritization. Status: Available
A patched-image rebuild at Chrome 149.0.7827.53 is available on HarborGuard for any environment running an affected version. For customers with auto-remediation enabled, the rebuild is followed by an automated regression-test run and a PR opened against affected workloads. Status: Available
Exploit Conditions
- Network reachability: Required
  The attacker delivers the exploit over the network by directing the victim to a crafted HTML page, so the affected service must be reachable from the internet or an accessible network segment.
- Authentication: Not required
  No account or credential is needed; any unauthenticated user who visits the crafted page can trigger the vulnerability, provided the renderer has already been compromised.
- Victim interaction: Required
  The victim must visit or be redirected to a crafted HTML page, making this a social-engineering-dependent attack that requires the user to take an action.
- Attack complexity: Detail
  The CVSS vector assigns low attack complexity for the input-validation step itself, though the overall attack chain carries a separate prerequisite of renderer compromise, which is not reflected in this token.
Blast Radius
- The attacker reads data belonging to web origins other than the one the victim is currently visiting, including cookies, tokens, or page content scoped to those origins.
- Cross-origin data leakage can expose authenticated session material or sensitive page content from third-party sites loaded in the same browser session.
- There is no integrity or availability impact: the attacker cannot modify data or crash the browser through this vulnerability alone.
How HarborGuard Handles This
Available on HarborGuard: detection for CVE-2026-10968 is active against all images in connected registries and pipelines, matching Chrome and Chromium bundles at any version below 149.0.7827.53. A patched-image rebuild at the fixed version is available for affected environments. For customers with auto-remediation enabled, HarborGuard triggers a rebuild, runs a regression test suite against the new image, and opens a PR against affected workloads; median time from CVE publication to merged patch PR for high-severity issues is around 90 minutes in those environments. Customers who manage remediation manually can retrieve the rebuilt image and apply it through their standard deployment process. Where auto-remediation is not enabled, the finding is routed to the configured team inbox with full CVSS context and affected-image detail so manual triage can begin immediately.
Fix available
- Google / Chrome < 149.0.7827.53 (from 149.0.7827.53)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N