CVE-2026-9123

HIGH NVD

CVSS Score 7.5

Severity HIGH

Published May 20, 2026

Vendor unknown

Description

Heap buffer overflow in Chromecast in Google Chrome on Android, Linux, ChromeOS prior to 148.0.7778.179 allowed a local attacker to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: Medium)

References

https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0841193308.html
https://issues.chromium.org/issues/495988507