Chrome on Android GPU Vulnerability Allows Sandbox Escape

The National Vulnerability Database has detailed CVE-2026-6920, an out-of-bounds read vulnerability in Google Chrome’s GPU component on Android. The flaw, rated High severity (CVSS 7.5), allows a remote attacker who has already compromised the renderer process to escape the browser’s sandbox. The attack is delivered by tricking a user into visiting a specially crafted HTML page.

This vulnerability affects Google Chrome on Android in versions prior to 147.0.7727.117. The attacker’s calculus is straightforward: gain initial renderer compromise, then leverage this GPU flaw for deeper system access. For defenders, this highlights the ongoing battleground within browser components and the need for rapid patching.

Organizations should mandate immediate updates for all Android devices running Chrome. Reviewing browser configurations and considering enhanced endpoint detection and response (EDR) for mobile devices can provide additional layers of defense against such sophisticated browser-based attacks.

What This Means For You

  • If your organization manages Android devices, ensure all instances of Google Chrome are updated to version 147.0.7727.117 or later immediately. This vulnerability directly enables sandbox escapes, a significant step for attackers aiming to compromise user data or pivot within a network.
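
One way to check a device fleet against the fixed version is sketched below. This is an added example, not code from NVD or the original page. It assumes you have collected the output of `adb shell dumpsys package com.android.chrome` per device; the device names and sample outputs are constructed.

```python
import re

# First fixed Chrome for Android build, as stated in the advisory.
FIXED = (147, 0, 7727, 117)

# dumpsys prints a line such as "versionName=147.0.7727.117".
_VERSION_RE = re.compile(r"versionName=(\d+(?:\.\d+){3})\b")


def parse_version(dumpsys_text):
    """Return the Chrome version as a 4-tuple of ints, or None if not found.

    Assumption: the first versionName line belongs to the active package.
    """
    m = _VERSION_RE.search(dumpsys_text)
    if not m:
        return None
    return tuple(int(part) for part in m.group(1).split("."))


def classify(dumpsys_text):
    """Return 'ok', 'needs_update' or 'unknown' for one device."""
    version = parse_version(dumpsys_text)
    if version is None:
        return "unknown"  # Chrome missing or output unreadable: review by hand
    # Tuple comparison is numeric per component. Comparing the raw strings
    # would rank "147.0.7727.99" above "147.0.7727.117" and miss the device.
    return "ok" if version >= FIXED else "needs_update"


def audit(inventory):
    """Map each device name to its status."""
    return {device: classify(text) for device, text in inventory.items()}


# Constructed sample inventory (device name -> captured dumpsys output).
SAMPLE = {
    "pixel-01": "  Package [com.android.chrome]\n    versionName=147.0.7727.117\n",
    "galaxy-02": "  Package [com.android.chrome]\n    versionName=147.0.7727.99\n",
    "tablet-03": "  Package [com.android.chrome]\n    versionName=146.0.7680.200\n",
    "kiosk-04": "Unable to find package: com.android.chrome\n",
}

if __name__ == "__main__":
    for device, status in sorted(audit(SAMPLE).items()):
        print(f"{device}: {status}")
```

Devices reported as `unknown` still need a manual check, since a missing or unreadable version is not evidence of a patched browser.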

Indicators of Compromise

ID | Type | Indicator
CVE-2026-6920 | Sandbox Escape | Google Chrome on Android prior to 147.0.7727.117
CVE-2026-6920 | Information Disclosure | Out of bounds read in GPU
CVE-2026-6920 | Code Injection | crafted HTML page

Source & Attribution

Source Platform: NVD
Channel: National Vulnerability Database
Published: April 23, 2026 at 21:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
