Vulnerabilities ›

CVE-2026-10976

High

CWE-457 — Weakness Type

                    Published: Jun 4, 2026                      ·  Modified: Jun 10, 2026                      ·  Source: NVD                

CVSS v3

7.4

🔗 NVD Official

📄 Description (English)

Uninitialized Use in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

🤖 AI Executive Summary

CVE-2026-10976 is an uninitialized memory use vulnerability in Google Chrome's Dawn graphics component that allows remote attackers to read sensitive information from process memory through malicious HTML pages. This affects Chrome versions before 149.0.7827.53 and poses a risk to users visiting compromised or attacker-controlled websites.

📄 Description (Arabic)

يتعلق هذا الثغر بمكون Dawn في متصفح Google Chrome ويسمح للمهاجمين بقراءة بيانات حساسة من ذاكرة العملية. يمكن استغلال الثغرة من خلال صفحات HTML مصممة بشكل خاص، مما يعرض معلومات المستخدمين للخطر.

🤖 ملخص تنفيذي (AI)

This vulnerability in Google Chrome's Dawn component allows attackers to access sensitive memory data through crafted web pages, affecting Chrome versions prior to 149.0.7827.53. Organizations and users in Saudi Arabia should update Chrome immediately to prevent potential data exposure.

🤖 AI Intelligence Analysis Analyzed: Jun 9, 2026 02:19

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: high

🏢 Affected Saudi Sectors

government banking telecom energy healthcare

🎯 MITRE ATT&CK Techniques

T1005 T1557 T1598

⚖️ Saudi Risk Score (AI)

7.0

/ 10.0

🔧 Remediation Steps (English)

Update Google Chrome to version 149.0.7827.53 or later immediately. Disable or restrict access to untrusted websites until patching is complete. Monitor for any suspicious browser behavior or unexpected memory access patterns.

🔧 خطوات المعالجة (العربية)

قم بتحديث متصفح Google Chrome إلى الإصدار 149.0.7827.53 أو أحدث فوراً. عطّل أو قيّد الوصول إلى المواقع غير الموثوقة حتى يتم تطبيق التصحيح. راقب أي سلوك مريب في المتصفح أو أنماط وصول ذاكرة غير متوقعة.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

A.12.6.1 A.14.2.1

🔵 SAMA CSF

CC-6.1 CC-6.2

🟡 ISO 27001:2022

A.12.6.1 A.14.2.1 A.12.2.1

🔗 References & Sources 2

🔗

https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop.html

chrome-cve-admin@google.com

Release Notes

🔗

https://issues.chromium.org/issues/513249847

chrome-cve-admin@google.com

Permissions Required

📦 Affected Products / CPE 1 entries

google:chrome

📊 CVSS Score

7.4

/ 10.0 — High

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionR — Required

ScopeC — Changed

ConfidentialityH — High

IntegrityN — None / Network

AvailabilityN — None / Network

📋 Quick Facts

Severity High

CVSS Score7.4

CWECWE-457

EPSS0.03%

Exploit No

Patch ✗ No

Published 2026-06-04

Source Feed nvd

🇸🇦 Saudi Risk Score

7.0

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

CWE-457

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2026-10976

Introduce Yourself

Sign In Required