Google has patched a high-severity out-of-bounds read vulnerability in Chrome’s Dawn graphics backend on Windows, tracked as CVE-2026-11665. The fix arrived in Chrome version 149.0.7827.103, sealing a flaw in earlier builds that could let attackers remotely harvest sensitive data from a victim’s system. Published by the National Vulnerability Database (NVD) on June 8, 2026, the bug drew immediate attention from security teams due to its attack surface: the increasingly critical WebGPU layer that renders complex 3D graphics in the browser.
Distinct from a classic buffer overflow, an out-of-bounds read occurs when software accesses memory beyond the boundaries of a legitimate data structure. In Dawn, Chrome’s cross-platform implementation of the WebGPU standard, a malformed shader or a sequence of GPU commands could trick the rendering pipeline into reading adjacent memory. The result ranges from a simple browser tab crash to exposure of tokens, passwords, or encryption keys stored in the same process space. Google assigned the flaw a CVSS score of 8.1 (high), reflecting the potential for information disclosure with little user interaction.
Dawn: Chrome’s Gateway to the GPU
Dawn is not a household name like V8 or Blink, but it has quietly become essential to modern web experiences. As the backend for WebGPU, Dawn enables web apps to tap into native GPU capabilities for gaming, machine learning, and scientific visualization. It compiles shaders, manages command buffers, and translates API calls into platform-specific instructions on Windows (Direct3D 12), macOS (Metal), and Linux (Vulkan). The Windows backend, using D3D12, handles resource binding, barrier transitions, and memory allocation directly on the GPU.
Because Dawn sits so close to the metal, a programming error there can be disastrous. CVE-2026-11665 arose from insufficient bounds checking during certain image-copy or buffer-to-texture transfers. When a WebGPU application fed Dawn a crafted descriptor, the GPU driver could be instructed to read from an out-of-range address, leaking bytes from other parts of memory. In blog posts and commit logs, Chromium engineers described the fix as “adding missing validation to prevent OOB reads in copy commands for compressed textures.”
How the Exploit Works
For an attacker, the most likely scenario is a drive-by download or a malicious advertisement delivered through a legitimate site. The attacker hosts content that calls the WebGPU API with specially crafted data. Since Chrome’s sandbox limits what a compromised renderer can do, an out-of-bounds read does not instantly give the attacker control of the system. However, it can be powerful when chained with a second vulnerability (such as a sandbox escape or a type confusion bug) to achieve remote code execution. Even on its own, the bug can be used to steal session cookies, SSO tokens, or view file headers if the process hosting the leaking buffer also handles other sensitive data.
Proof-of-concept code surfaced on social media within hours of the fix landing, demonstrating a page that popped an alert containing random heap data after a few seconds of GPU activity. That rapid weaponization underscores why Chrome’s Safe Browsing and automatic update mechanisms are so important.
Response Timeline and Update Delivery
Google keeps most CVE details restricted until a majority of users receive the patch. The timeline for CVE-2026-11665 followed the standard pattern:
- Discovery: Internal fuzzing by Project Zero or a partner (specifics not disclosed).
- Private fix: Landed in the Chrome Canary and Dev channels weeks before stable.
- Stable release: Chrome 149.0.7827.103 rolled out on June 2, 2026, along with three other security fixes.
- NVD publication: June 8, 2026, making the CVE visible in vulnerability scanners.
End users can verify their version by navigating to chrome://settings/help or clicking the three-dot menu > Help > About Google Chrome. If the version is 149.0.7827.103 or higher, they are protected. Enterprise administrators managing Chrome via Group Policy or Windows Update for Business should confirm that the GoogleUpdate and chrome packages have deployed across their fleets. Google Workspace admins can force a version bump through the Chrome Policy List for Windows.
NVD CPE Scope: Why It Matters for Enterprise Defense
When the NVD catalogs a vulnerability, it assigns one or more Common Platform Enumeration (CPE) strings. A CPE looks like cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* and identifies the affected software, vendor, product, version, and other attributes. Security information and event management (SIEM) tools, vulnerability scanners like Nessus and Qualys, and cloud security posture management (CSPM) platforms all rely on CPE data to match known vulnerabilities to assets.
For CVE-2026-11665, the initial NVD entry included a platform-specific constraint: the CPE was scoped to Windows. Specifically, the entry applied only when the target_sw field in the CPE indicated a Windows operating system. This mirrors Google’s disclosure, which stressed that the bug resides in the Dawn Direct3D 12 backend and not in Metal or Vulkan counterparts. Mac and Linux Chrome installs are therefore not flagged by scanners looking for this CVE.
However, as the forum thread “CVE-2026-11665: Chrome Dawn Out-of-Bounds Read—NVD CPE Scope Explained” points out, the scope can cause confusion. Some vulnerability scanners parse CPEs broadly, generating false positives if an organization runs a mixed-OS environment. Others might miss a Windows Chrome installation if the CPE is not applied correctly. To address this, NVD analysts often refine the CPE dictionary post-publication. The forum discussion highlights how Chrome’s rapid release cadence means a single CVE can map to dozens of CPE revisions, and enterprises should rely on a combination of NVD feeds, vendor advisories, and actual banner grabs from their endpoints.
Practical steps for enterprise vulnerability management:
- Subscribe to the Google Chrome Releases blog and Chromium security bulletins.
- Use agent-based scanning tools that can read the exact Chrome version from the registry or process list, rather than relying solely on CPE matches.
- For NVD feeds, configure your scanner to respect the cpe:2.3:o:microsoft:windows target operating system filter.
- If your scanner does not respect CPE scope, create a custom rule that correlates CVE-2026-11665 with Chrome versions below 149.0.7827.103 on Windows hosts.
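The custom rule from the last step, combined with the CPE scoping described earlier in this section, as an added example (not code from Google, NVD or any scanner vendor): it parses CPE 2.3 strings, applies the Windows scope and compares versions numerically. The inventory record layout, hostnames and sample CPE values are assumptions constructed for illustration.

```python
import re

FIXED = (149, 0, 7827, 103)  # first fixed build for CVE-2026-11665, from the article
FIELDS = ["part", "vendor", "product", "version", "update", "edition",
          "language", "sw_edition", "target_sw", "target_hw", "other"]

def parse_cpe23(cpe):
    """Split a CPE 2.3 formatted string into named fields, honouring '\\:' escapes."""
    parts = re.split(r"(?<!\\):", cpe)
    if parts[:2] != ["cpe", "2.3"] or len(parts) != 13:
        raise ValueError(f"not a CPE 2.3 string: {cpe!r}")
    return dict(zip(FIELDS, parts[2:]))

def version_tuple(version):
    """Compare versions numerically: as strings, '...98' sorts after '...103'."""
    return tuple(int(p) for p in version.split("."))

def on_windows(os_cpe, app):
    """In scope if the host OS is Microsoft Windows or the app CPE says target_sw=windows."""
    host = parse_cpe23(os_cpe)
    windows_os = (host["part"], host["vendor"]) == ("o", "microsoft") \
        and host["product"].startswith("windows")
    return windows_os or app["target_sw"] == "windows"

def triage(record):
    """Return 'affected', 'not_affected' or 'unknown' for one inventory record."""
    app = parse_cpe23(record["app_cpe"])
    if (app["vendor"], app["product"]) != ("google", "chrome"):
        return "not_affected"
    if not on_windows(record["os_cpe"], app):
        return "not_affected"          # Metal/Vulkan backends are out of scope
    if app["version"] in ("*", "-"):
        return "unknown"               # wildcard CPE: read the real version from the endpoint
    return "affected" if version_tuple(app["version"]) < FIXED else "not_affected"

# Constructed sample inventory (hostnames and CPE values are made up for this example).
WIN = "cpe:2.3:o:microsoft:windows_11:*:*:*:*:*:*:*:*"
MAC = "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*"
INVENTORY = [
    {"host": "ws-01", "os_cpe": WIN, "app_cpe": "cpe:2.3:a:google:chrome:149.0.7827.98:*:*:*:*:*:*:*"},
    {"host": "ws-02", "os_cpe": WIN, "app_cpe": "cpe:2.3:a:google:chrome:149.0.7827.103:*:*:*:*:*:*:*"},
    {"host": "mac-01", "os_cpe": MAC, "app_cpe": "cpe:2.3:a:google:chrome:148.0.7700.10:*:*:*:*:*:*:*"},
    {"host": "ws-03", "os_cpe": WIN, "app_cpe": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"},
]

def report(inventory):
    return {r["host"]: triage(r) for r in inventory}

if __name__ == "__main__":
    for host, verdict in report(INVENTORY).items():
        print(f"{host}: {verdict}")
```

The "unknown" verdict marks records where only a wildcard CPE is available, which is where an agent-based version read is needed.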
The Bigger Picture: WebGPU’s Expanding Attack Surface
WebGPU has been a game-changer for web performance, but it also introduced a complex new attack surface. Unlike WebGL, which was built on OpenGL ES with a relatively simple state machine, WebGPU gives developers finer control over command encoding, resource tracking, and shader modules. Each of those layers must be implemented securely in Dawn. Since 2023, Chrome’s security team has discovered multiple bugs in Dawn’s resource validation, binding mechanisms, and shader compilers.
CVE-2026-11665 is the third high-severity Dawn vulnerability in 18 months, following CVE-2025-9812 (a use-after-free in shader module creation) and CVE-2025-7438 (an uninitialized memory read in buffer mapping). The frequency of these findings suggests that while fuzzing is effective, the complexity of GPU programming means entire classes of memory safety bugs remain. Google has responded by expanding its Dawn security review, introducing more thorough static analysis, and engaging external researchers through the Chrome Vulnerability Reward Program.
Should You Disable WebGPU?
Panicked users might consider disabling WebGPU entirely. On Windows, this is possible via chrome://flags/ by setting “Unsafe WebGPU” to disabled, but it breaks legitimate sites that rely on the API. For most, the practical risk is low after updating Chrome. The stable channel auto-update mechanism ensures that the vast majority of users receive the patch within days. Enterprise environments might take longer, but a temporary mitigation—limiting WebGPU via Group Policy—is available: set the policy GPURasterizationEnabled to false (though this disables all GPU rasterization, not just WebGPU). A more targeted approach is to block untrusted sites from using WebGPU by deploying per-site permission rules through Chrome policies.
Google’s own telemetry shows that fewer than 0.1% of users were still running vulnerable versions two weeks after the patch landed, demonstrating the effectiveness of silent updates. The risk remains highest on locked-down networks where updates are deferred, and in those cases, the CPE scope discussion becomes critical for prioritizing patching.
What’s Next: Continuous Vigilance
As browser graphics evolve, the line between “just a web page” and native application blurs further. The Dawn bug reminds us that security is a moving target, especially in performance-critical code written in C++. The Rust language has been proposed as a safer alternative for GPU backends, but integrating it into Chrome’s massive codebase is a multi-year effort. In the interim, Google promises more aggressive sandboxing of the GPU process on Windows and deeper runtime checks.
For now, check your Chrome version, apply updates, and ensure your vulnerability management tool understands NVD CPE scoping. In a threat landscape where a seemingly arcane configuration detail can mean the difference between detection and blind spot, sweating the small stuff pays off.
Quick Reference: CVE-2026-11665 at a Glance
| Item | Detail |
|---|---|
| CVE ID | CVE-2026-11665 |
| Severity | High (CVSS 8.1) |
| Affected component | Dawn (WebGPU backend) on Windows |
| Platform | Google Chrome for Windows; macOS/Linux not affected |
| Fixed in | Chrome 149.0.7827.103 |
| Disclosure | June 8, 2026 (NVD) |
| CWE | Out-of-bounds Read (CWE-125) |
| Attack vector | Network, via malicious WebGPU content |
| Reference | NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-11665 |