CVE-2026-10020
EUVD-2026-3316228.05.2026, 23:16
Insufficient validation of untrusted input in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| chrome | 𝑥 < 148.0.7778.216 |
𝑥
= Vulnerable software versions
Debian Releases
Debian Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| chromium |
| ||||||||||||||||
| libskia |
|
Common Weakness Enumeration