CRITICAL | CVE-2026-11047 | CNA: Chrome

CVE-2026-11047: Inappropriate implementation in Base in Google Chrome on Windows prior to 149

Inappropriate implementation in Base in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Metrics

CVSS v3.1: 9.6
Severity: CRITICAL
Fixed in: 149.0.7827.53
Affected Products: 1

HarborGuard Analysis

Synopsis

This is a sandbox-escape vulnerability in the Base component of Google Chrome on Windows, affecting all versions prior to 149.0.7827.53. It is reachable over the network and requires no authentication, though a victim must open a crafted HTML page; it also requires the attacker to have already compromised the Chrome renderer process as a prerequisite. Successful exploitation allows the attacker to break out of Chrome's sandbox, gaining full access to the underlying Windows host with the ability to read data, modify files, and run arbitrary code. A patched-image rebuild at version 149.0.7827.53 is available on HarborGuard for affected environments.

HarborGuard Coverage

Detection: Available

Detection of CVE-2026-11047 is available across every HarborGuard environment, with the CVE matched against customer images within minutes of ingestion from upstream feeds, including custom-built images that bundle or depend on a Chrome installation. Any image containing a Chrome version below 149.0.7827.53 on Windows base layers is flagged automatically.

Triage: Available

HarborGuard's triage capability scores this CVE at CVSS 9.6 (Critical), with per-environment compliance policy weighting applied to determine urgency and route alerts to the appropriate team inbox within each customer organization.

Patch: Available

A patched-image rebuild at Chrome 149.0.7827.53 becomes available on HarborGuard as soon as the fix version is confirmed in upstream feeds. For customers who opt into auto-remediation, HarborGuard can trigger a rebuild, run a regression test suite against the updated image, and open a PR against affected workloads automatically.

Exploit Conditions

  • Network reachability: Required

    The attacker delivers the crafted HTML page over the network, requiring the victim's browser to reach attacker-controlled content.

  • Authentication: Not required

    No credentials or account are needed; the attack is launched against any user who browses to the malicious page.

  • Victim interaction: Required

    The victim must open or navigate to the attacker's crafted HTML page, making this a social-engineering or drive-by scenario.

  • Attack complexity: Detail

    The base exploit path is condition-free and reliable once the renderer is compromised, though obtaining initial renderer compromise is itself a prerequisite that adds real-world complexity.

Blast Radius

  • An attacker who escapes the sandbox reads files and data accessible to the Chrome process on the Windows host, including stored credentials, cookies, and session tokens.
  • The attacker can write to or modify files on the host filesystem, including user-profile data and application files.
  • The attacker can crash or terminate the affected Chrome process and other processes reachable from the host context, disrupting service.
  • With code execution outside the sandbox, the attacker can install persistent payloads, pivot to other services on the host, or escalate privileges further.

How HarborGuard Handles This

Available on HarborGuard: detection for CVE-2026-11047 is active across all customer environments the moment the CVE is ingested, matching any image that ships Chrome below 149.0.7827.53 on a Windows base layer. For customers who opt into auto-remediation, HarborGuard initiates a rebuild at the patched version, runs regression tests against the resulting image, and opens a PR against affected workloads; for Critical-severity issues, the median time from CVE publication to a merged patch PR in environments with auto-remediation enabled is around 90 minutes. Where compliance policy requires manual approval, the rebuilt image is queued and ready the moment an approver reviews the alert. Because this vulnerability requires renderer compromise as a prerequisite, teams may also consider network-policy controls that restrict which origins Chrome-based workloads can load content from, reducing the attack surface while the patch is applied.

Fix available: 149.0.7827.53
Affected packages
  • Google / Chrome
    < 149.0.7827.53 (from 149.0.7827.53)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H