CVE-2026-9965: Out of bounds write in Google Chrome
CVE-2026-9965 is an out-of-bounds write vulnerability in the ANGLE component of Google Chrome versions prior to 148. 0. 7778. 216. This flaw could allow a remote attacker to cause heap corruption by delivering a crafted HTML page. The vulnerability is classified with high security severity by Chromium. There is no CVSS score provided, and no explicit vendor advisory details on patch availability or remediation level beyond the stable channel update announcement. No known exploits in the wild have been reported at this time.
AI Analysis
Technical Summary
This vulnerability involves an out-of-bounds write in the ANGLE graphics abstraction layer within Google Chrome before version 148.0.7778.216. Exploitation requires a remote attacker to serve a specially crafted HTML page that triggers heap corruption, potentially leading to arbitrary code execution or browser instability. The issue was publicly disclosed with a high severity rating by Chromium security. The vendor has published a stable channel update announcement, but explicit patch or remediation details are not confirmed in the provided data.
Potential Impact
Successful exploitation could result in heap corruption within the Chrome browser, which may lead to arbitrary code execution or denial of service. However, no known exploits have been reported in the wild, and the impact is limited to affected Chrome versions prior to 148.0.7778.216.
Mitigation Recommendations
The vendor has released a stable channel update for Chrome, presumably including a fix for this vulnerability. Users should update to version 148.0.7778.216 or later to remediate this issue. Patch status is not explicitly confirmed in the advisory, so users should verify update installation via official Google Chrome release notes and update mechanisms.
CVE-2026-9965: Out of bounds write in Google Chrome
Description
CVE-2026-9965 is an out-of-bounds write vulnerability in the ANGLE component of Google Chrome versions prior to 148. 0. 7778. 216. This flaw could allow a remote attacker to cause heap corruption by delivering a crafted HTML page. The vulnerability is classified with high security severity by Chromium. There is no CVSS score provided, and no explicit vendor advisory details on patch availability or remediation level beyond the stable channel update announcement. No known exploits in the wild have been reported at this time.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves an out-of-bounds write in the ANGLE graphics abstraction layer within Google Chrome before version 148.0.7778.216. Exploitation requires a remote attacker to serve a specially crafted HTML page that triggers heap corruption, potentially leading to arbitrary code execution or browser instability. The issue was publicly disclosed with a high severity rating by Chromium security. The vendor has published a stable channel update announcement, but explicit patch or remediation details are not confirmed in the provided data.
Potential Impact
Successful exploitation could result in heap corruption within the Chrome browser, which may lead to arbitrary code execution or denial of service. However, no known exploits have been reported in the wild, and the impact is limited to affected Chrome versions prior to 148.0.7778.216.
Mitigation Recommendations
The vendor has released a stable channel update for Chrome, presumably including a fix for this vulnerability. Users should update to version 148.0.7778.216 or later to remediate this issue. Patch status is not explicitly confirmed in the advisory, so users should verify update installation via official Google Chrome release notes and update mechanisms.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- Chrome
- Date Reserved
- 2026-05-28T17:25:03.034Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html","vendor":"Google"}]
Threat ID: 6a18c676e29bf47b503b6332
Added to database: 5/28/2026, 10:49:26 PM
Last enriched: 5/28/2026, 11:19:23 PM
Last updated: 5/29/2026, 12:23:28 PM
Views: 7
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.