cbcvebase.
CVE-2026-9909
published 2026-05-28

CVE-2026-9909: Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code…

high7.5CVSS 3.1
AVNACHPRNUIRSUCHIHAH
Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Affected

4 ranges
VendorProductVersion rangeFixed in
googlechrome< 148.0.7778.216148.0.7778.216
googlechrome< 148.0.7778.215148.0.7778.215
googlechrome>= 148.0.7778.216 < 148.0.7778.216148.0.7778.216
googlechrome_desktop