Android Chrome <148.0.7778.168 GPU Heap Buffer Overflow: CVE-2026-8552 May 2026

Heap buffer overflow in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Vulnerability Analysis

CVE-2026-8552 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, with no impact on integrity, and no impact on availability.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

REQUIRED

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

LOW

Availability Impact:

NONE

Weakness Type

Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Products Associated with CVE-2026-8552

Want to know whenever a new CVE is published for Google Chrome? stack.watch will email you.

Android Chrome <148.0.7778.168 GPU Heap Buffer Overflow
CVE-2026-8552 Published on May 14, 2026

Vulnerability Analysis

Weakness Type

Heap-based Buffer Overflow

Products Associated with CVE-2026-8552

Affected Versions

Android Chrome <148.0.7778.168 GPU Heap Buffer OverflowCVE-2026-8552 Published on May 14, 2026

Vulnerability Analysis

Weakness Type

Heap-based Buffer Overflow

Products Associated with CVE-2026-8552

Affected Versions

Android Chrome <148.0.7778.168 GPU Heap Buffer Overflow
CVE-2026-8552 Published on May 14, 2026