CVE-2026-11640

ADVISORY - nist

Summary

Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

EPSS Score⁠: 0.00086 (0.251)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-472⁠

External Control of Assumed-Immutable Web Parameter

Impacted images

Advisories

NIST

CREATED

7 days ago

UPDATED

6 days ago

ADVISORY IDCVE-2026-11640⁠

EXPLOITABILITY SCORE

1.6

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-472⁠

CVSS SCORE

8.3high

Debian

CREATED

6 days ago

UPDATED

4 days ago

ADVISORY IDCVE-2026-11640⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

6 days ago

UPDATED

6 days ago

ADVISORY IDCVE-2026-11640⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Chainguard

CREATED

4 days ago

UPDATED

4 days ago

ADVISORY ID

CGA-h23m-w2cf-f694

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

4 days ago

UPDATED

4 days ago

ADVISORY ID

MINI-7374-5m8g-m49x

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY