Skip to content
Auto-CTI
Back to today
NEW CRITICAL A3

CVE-2026-12009: Critical Sandbox Escape in Google Chrome on Mac prior to 149.0.7827.115

A NVD · · CVE-2026-12009

Admiralty grading (A–F · 1–6)

Source reliability

  • A Completely reliable
  • B Usually reliable
  • C Fairly reliable
  • D Not usually reliable
  • E Unreliable
  • F Cannot be judged

Information credibility

  • 1 Confirmed
  • 2 Probably true
  • 3 Possibly true
  • 4 Doubtful
  • 5 Improbable
  • 6 Cannot be judged

NATO Admiralty (AJP-2.1) grades confidence, independent of the risk score. Cross-source corroboration isn't tracked for non-CVE news, so single-source items are capped at a lower credibility number; a low number does not imply low quality.

Key metrics

EPSS
0%

Key insight

A critical sandbox escape vulnerability enables remote code execution with full OS-level access if an attacker has already compromised the Chrome renderer process.

Description

CVE-2026-12009 is a critical vulnerability in Google Chrome's Accessibility feature on macOS (versions prior to 149.0.7827.115) caused by insufficient validation of untrusted input. A remote attacker who has already compromised the Chrome renderer process can perform a sandbox escape via a specially crafted HTML page, gaining full OS-level access. This represents a privilege escalation that bypasses browser sandbox mechanisms. The vulnerability is classified as Chromium Security Severity: Critical and requires immediate patch installation across all affected systems.

Risk score

54
cvss base
45.00
kev bonus
0.00
epss bonus
0.00
poc bonus
0.00
raw before weight
45.00
industry weight
1.21
freshness factor
1.00
exploitability factor
1.00
days old
0.00
vendor mismatch penalty
0.00

Path: operational

MITRE ATT&CK mapping

2 TTPs
Recon
Resource Dev
Initial Access
Execution
T1203 Exploitation for Client Execution
Persistence
Priv. Escal.
Def. Evasion
T1211 Exploitation for Defense Evasion
Cred. Access
Discovery
Lateral Mov.
Collection
C2
Exfiltration
Impact
Conf.: high medium low

Procedure details

Technique Tactic Procedure Conf. Source
T1203
Exploitation for Client Execution
 Execution A crafted HTML page exploits insufficient input validation in Google Chrome's Accessibility component on Mac to achieve code execution in the renderer process. high llm
T1211
Exploitation for Defense Evasion
 Defense Evasion The vulnerability allows a remote attacker who has compromised the renderer process to escape the Chrome sandbox via a crafted HTML page, bypassing sandbox isolation controls. high llm
ESC