This vulnerability arises from an inappropriate implementation in the SVG component of Google Chrome before version 149.0.7827.103. It permits remote code execution inside the sandbox environment when a user visits a maliciously crafted HTML page. The issue is classified as high severity by Chromium security. The vulnerability is publicly disclosed but lacks detailed CVSS scoring and explicit remediation status in the provided data. The vendor advisory URL is available but does not specify patch or fix information in the input data.

Successful exploitation could allow a remote attacker to execute arbitrary code within the sandbox of the affected Chrome browser, potentially compromising the security of the user's environment. However, no known exploits in the wild have been reported, and the impact is limited to versions prior to 149.0.7827.103.

Patch status is not yet confirmed — check the vendor advisory at https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0153744567.html for current remediation guidance. Users should update to Chrome version 149.0.7827.103 or later once available. Until then, exercise caution when browsing untrusted websites containing SVG content.