Severity: CRITICAL | CVE-2026-14382 | CNA: Chrome

CVE-2026-14382: Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Metrics

  • CVSS v3.1: 9.6
  • Severity: CRITICAL
  • Fixed in: 150.0.7871.46
  • Affected Products: 1


HarborGuard Analysis

Synopsis

Insufficient input validation in ANGLE, the graphics abstraction layer used by Google Chrome, allows a remote attacker to escape the browser sandbox via a crafted HTML page. The vulnerability is reachable over the network without any authentication, though the victim must visit a malicious or attacker-controlled page. Successful exploitation gives the attacker code execution outside the Chrome sandbox, enabling full compromise of the host process. A patched-image rebuild at Chrome 150.0.7871.46 is available on HarborGuard for environments running an affected version.

HarborGuard Coverage

Detection

Detection of CVE-2026-14382 is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against customer images in registries and CI/CD pipelines, including custom-built images that bundle a Chrome or Chromium runtime.

Status: Available
Triage

HarborGuard scores this CVE at CVSS 9.6 Critical and weights it against each environment's compliance policy to determine urgency; findings are routed to the appropriate team inbox within each customer organization based on image ownership and policy configuration.

Status: Available
Patch

A patched-image rebuild pinned to Chrome 150.0.7871.46 becomes available on HarborGuard for any image found to include an affected Chrome version. For customers with auto-remediation enabled, HarborGuard triggers a rebuild, runs the configured regression suite, and opens a pull request against affected workloads automatically.

Status: Available

Exploit Conditions

  • Network reachability: Required

    The attacker delivers the exploit over the network by directing the victim to a crafted HTML page, so the Chrome process must be reachable in the sense that the user can browse to an attacker-controlled URL.

  • Authentication: Not required

    No account or credential is needed; any unauthenticated remote attacker can serve the malicious page.

  • Victim interaction: Required

    The victim must visit the attacker-controlled or compromised HTML page, making this a social-engineering or drive-by-browsing vector.

  • Attack complexity: Detail

    Attack complexity is low (AC:L in the CVSS vector), meaning exploitation does not depend on race conditions, specific memory layouts, or other environmental factors beyond the victim loading the page.

Blast Radius

  • Attacker escapes the Chrome sandbox and executes arbitrary code in the context of the browser's host process, bypassing the primary isolation boundary.
  • Full read access to data visible to the host process, including session tokens, credentials stored in the browser profile, and files accessible to the running user.
  • Full write capability to data accessible by the host process, allowing modification or deletion of files, browser data, and configuration.
  • The renderer and host process can be crashed or kept under attacker control, disrupting service for the affected user session.

How HarborGuard Handles This

Available on HarborGuard: any image containing a Chrome or Chromium binary older than 150.0.7871.46 is flagged against this CVE within minutes of the advisory being ingested.

For customers with auto-remediation enabled, HarborGuard rebuilds the image at the fixed version, executes the configured regression tests, and opens a pull request against affected workloads; median time from CVE publication to merged patch PR for critical-severity issues is around 90 minutes in environments with auto-remediation enabled. Where compliance policy requires manual approval, the rebuilt image and a full findings report are staged and routed to the designated owner inbox for review.

Because sandbox escape vulnerabilities at this severity leave no safe interim state, teams without an immediate upgrade path should consider network-policy controls that restrict which users or services can launch Chrome-based processes, and egress filtering to limit renderer process outbound connectivity while the patch is scheduled.
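A minimal check for the affected range (Chrome or Chromium older than 150.0.7871.46), as an added example that is not HarborGuard's code. It assumes the version string comes from `chrome --version`-style output; the image names and sample strings are constructed. Components are compared numerically, since a plain string comparison misorders values such as 7871.100 and 7871.46.

```python
import re

FIXED = (150, 0, 7871, 46)  # fixed version stated in this advisory

# Exactly four dot-separated numeric components, not part of a longer number.
_VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)\.(\d+)(?!\.?\d)")


def parse_chrome_version(text):
    """Return the first four-part version in text as a tuple of ints, or None."""
    m = _VERSION_RE.search(text)
    return tuple(int(p) for p in m.groups()) if m else None


def is_affected(version_output):
    """True if older than the fix, False if fixed, None if nothing parsed."""
    version = parse_chrome_version(version_output)
    if version is None:
        return None  # unknown: send to manual review, do not assume safe
    return version < FIXED  # tuple comparison is numeric per component


def triage(inventory):
    """Map image name -> 'affected' | 'fixed' | 'unknown'."""
    labels = {True: "affected", False: "fixed", None: "unknown"}
    return {name: labels[is_affected(out)] for name, out in inventory.items()}


# Constructed sample inventory: image name -> captured version output.
SAMPLE = {
    "web-render:1.4": "Google Chrome 149.0.7800.12",
    "pdf-export:2.0": "Chromium 150.0.7871.46 built on Debian",
    "e2e-tests:latest": "Google Chrome 150.0.7871.100",  # newer than the fix
    "legacy-scraper:0.9": "Google Chrome 99.0.4844.51",  # two-digit major
    "headless:dev": "HeadlessChrome/150.0.7871.9",
    "base:slim": "chrome: not found",
}

if __name__ == "__main__":
    for name, status in triage(SAMPLE).items():
        print(f"{name:20} {status}")
```

Images reported as `unknown` had no parseable version and need a manual look rather than being treated as unaffected.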


Fix available: 150.0.7871.46

Affected packages

  • Google / Chrome: < 150.0.7871.46 (from 150.0.7871.46)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H