Vulnerability intelligence

CVE-2026-13281

Integer overflow in Mojo in Google Chrome prior to 149.0.7827.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)

CVSS Score

—

Unrated

EPSS — Exploit Probability

0.0%

Riskier than 0% of all CVEs

Exploitation

Not in CISA KEV

No federal exploitation record

Remediation

Patch available

Vendor fix published

NVD entry Vendor patch PoC / advisory

1 article across 1 outlet · first covered Jun 26, 2026 · latest Jun 26, 2026

Coverage timeline

Chrome patches three high severity flaws, urges swift update
securityonline.info · Jun 26, 2026