Vulnerabilities ›

CVE-2026-10019

High

CWE-472 — Weakness Type

                    Published: May 28, 2026                      ·  Modified: Jun 4, 2026                      ·  Source: NVD                

CVSS v3

8.8

🔗 NVD Official

📄 Description (English)

Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

🤖 AI Executive Summary

An integer overflow vulnerability in ANGLE (graphics library) within Google Chrome versions before 148.0.7778.216 allows remote attackers to leak cross-origin data through specially crafted HTML pages. This vulnerability could enable unauthorized access to sensitive information from different websites visited by users.

📄 Description (Arabic)

يتعلق الثغرة بتجاوز عدد صحيح في مكتبة ANGLE المسؤولة عن معالجة الرسومات في متصفح Google Chrome. يمكن للمهاجمين استغلال هذه الثغرة لتسرب البيانات من مواقع ويب مختلفة دون تصريح من المستخدم. الثغرة تؤثر على جميع إصدارات Chrome السابقة للإصدار 148.0.7778.216.

🤖 ملخص تنفيذي (AI)

An integer overflow in ANGLE graphics library in Google Chrome before version 148.0.7778.216 enables remote attackers to leak cross-origin data via malicious HTML pages. This vulnerability poses a risk to users' sensitive information from different websites.

🤖 AI Intelligence Analysis Analyzed: Jun 3, 2026 00:16

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: high

🏢 Affected Saudi Sectors

government banking telecom healthcare

🎯 MITRE ATT&CK Techniques

T1190 T1566 T1557

⚖️ Saudi Risk Score (AI)

8.0

/ 10.0

🔧 Remediation Steps (English)

Update Google Chrome to version 148.0.7778.216 or later immediately. Users should enable automatic updates to receive security patches promptly. Organizations should enforce Chrome updates through Group Policy or Mobile Device Management solutions.

🔧 خطوات المعالجة (العربية)

قم بتحديث Google Chrome إلى الإصدار 148.0.7778.216 أو أحدث فوراً. يجب على المستخدمين تفعيل التحديثات التلقائية. يجب على المؤسسات فرض تحديثات Chrome من خلال سياسات المجموعة أو حلول إدارة الأجهزة المحمولة.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

2.1 3.1

🔵 SAMA CSF

ID.RA-1 PR.PT-1

🟡 ISO 27001:2022

A.12.6.1 A.14.2.1

🔗 References & Sources 2

🔗

https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304...

chrome-cve-admin@google.com

Vendor Advisory

🔗

https://issues.chromium.org/issues/505056913

chrome-cve-admin@google.com

Permissions Required

📦 Affected Products / CPE 2 entries

google:chrome

📊 CVSS Score

8.8

/ 10.0 — High

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionR — Required

ScopeU — Unchanged

ConfidentialityH — High

IntegrityH — High

AvailabilityH — High

📋 Quick Facts

Severity High

CVSS Score8.8

CWECWE-472

EPSS0.03%

Exploit No

Patch ✗ No

Published 2026-05-28

Source Feed nvd

🇸🇦 Saudi Risk Score

8.0

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

CWE-472

🏢 Vendor Advisories

🔗 https://chromereleases.googleblog.com/2026/05/stable...

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2026-10019

Introduce Yourself

Sign In Required