On June 4, 2026, Google published CVE-2026-10929, a high-severity vulnerability in Chrome's ANGLE graphics layer on Android that could allow attackers to break out of the browser's sandbox. The heap buffer overflow, patched in Chrome version 149.0.7827.53, represents one of the more critical Chrome flaws disclosed in recent months due to its potential to escalate a renderer compromise into full device control.

ANGLE (Almost Native Graphics Layer Engine) translates WebGL and OpenGL ES calls into the platform's native graphics API. On Android, it converts to Vulkan or OpenGL ES, while on Windows it maps to Direct3D. This translation layer processes complex shader programs and vertex data, making it a frequent target for memory corruption bugs. The heap overflow in CVE-2026-10929 likely occurs when ANGLE miscomputes buffer sizes during shader compilation or texture upload, leading to out-of-bounds writes on the heap.

Google's official advisory remains sparse, classifying the bug as "Heap buffer overflow in ANGLE" and noting a sandbox escape may be possible. The lack of details is standard practice until a majority of users update, but the acknowledgment of a sandbox escape is what elevates this from a typical renderer bug to a potentially full compromise.

What makes this vulnerability dangerous

The Chrome sandbox on Android isolates the rendering process from the operating system. Even if an attacker gains code execution inside the renderer through a malicious WebGL page, they can't directly access files, cameras, or other apps without chaining a second exploit to escape the sandbox. CVE-2026-10929 is dangerous precisely because it may serve as that second link.

A heap overflow in ANGLE gives an attacker the ability to corrupt adjacent memory in the renderer process. With careful heap grooming, they can overwrite function pointers or virtual tables to redirect execution. If the vulnerability also allows reading memory, they can bypass ASLR. The advisory's mention of sandbox escape suggests the corrupted data may influence inter-process communication (IPC) in a way that lets the attacker break out.

Chrome's IPC system uses Mojo on Android. If the heap overflow can manipulate serialized messages or corrupt shared memory buffers used for graphics, an attacker might trick the broker process into executing privileged operations. This is speculative, but the fact Google flags it as "may allow sandbox escape" indicates their internal analysis confirms the theoretical path exists.

Technical breakdown of the flaw

Without access to the specific commit fixing CVE-2026-10929, we can infer the class of bug from ANGLE's history. In 2025 alone, over a dozen heap overflow bugs were patched in ANGLE, many stemming from integer overflows in buffer size calculations. The graphics layer handles complex state tracking for OpenGL ES contexts, and shader compilation involves numerous memory allocations for translated code and uniform buffers.

A typical ANGLE heap overflow scenario: a malicious shader crafted with specific uniform array sizes causes a multiplication overflow when computing the required buffer size. This results in a small allocation, but a subsequent loop writes data beyond the allocated region. Alternatively, compressed texture uploads can trigger similar bugs when the decompressed size exceeds the computed buffer size.

The Android version adds complexity because ANGLE's Vulkan backend must manage VkBuffers and memory mappings. Incorrectly synchronized accesses or double-free errors can also lead to exploitable conditions. The fix likely adds proper bounds checks or uses safe integer functions.

Affected versions and the fix

Chrome for Android prior to 149.0.7827.53 is vulnerable. The fix landed in the main release channel on June 4, 2026, along with several other security patches. Users who have automatic updates enabled should have received the update by now. The version number indicates this is a stable channel release, so no additional flags are needed.

Google's Chrome Releases blog post for this version mentions it contains 8 security fixes, including CVE-2026-10929 contributed by an external researcher. The researcher will likely receive a bounty from Google's Vulnerability Reward Program, though the amount hasn't been disclosed. Historically, sandbox escape bugs command rewards above $10,000.

Impact on Windows users

While this specific CVE is for Android, Windows users should care for two reasons. First, any Chrome security flaw highlights the browser's attack surface, and similar bugs often exist across platforms. ANGLE on Windows is written largely in the same codebase; a parallel flaw might exist but hasn't been found yet. Second, many Windows users run Chrome on multiple devices, and understanding Android threats is crucial for overall security hygiene.

Microsoft Edge on Android uses a modified Chromium base and likely integrates the same ANGLE code. While Microsoft hasn't issued a separate advisory, Edge for Android users should ensure they're on the latest version. The Chromium project shares security patches upstream, so Edge and other Chromium-based browsers on Android should inherit the fix promptly.

Steps to protect yourself

  • Update Chrome for Android immediately. Go to Google Play Store, search Chrome, and tap Update if available. The current version should be 149.0.7827.53 or later.
  • Enable automatic updates on your Android device. In Play Store settings, set "Auto-update apps" to "Over Wi-Fi only" or "Over any network."
  • Consider using Chrome's Enhanced Safe Browsing if you frequently visit unknown sites; it provides proactive warnings about malicious pages that might host exploits.
  • For enterprise environments using Android devices, push the update via Mobile Device Management (MDM) policies to ensure all fleet devices are patched.
  • Regularly check Chrome's built-in security settings: go to chrome://settings/help to verify your version and trigger an update check.

The bigger picture: Browser sandbox escapes are rare but devastating

Chrome's sandbox is robust, and full sandbox escapes are rare. In recent years, most sandbox-escape vulnerabilities disclosed publicly have been in the operating system kernel or in privileged system services, rather than in Chrome's own IPC mechanism. CVE-2026-10929 appears to be an escape that leverages corrupted graphics processing data, which is less common but aligns with the increasing complexity of GPU-driven browser features.

This vulnerability underscores the risk of exposing low-level graphics APIs to web content. WebGL and WebGPU are powerful but introduce a huge attack surface. Every shader compiler, texture format, and buffer management function is a potential entry point. Google's investment in ANGLE's rigorous testing, including fuzzing with ClusterFuzz, catches many bugs, but the sheer volume of code makes some slip through.

Community response and public disclosure

At the time of writing, no active exploitation has been reported. Google typically withholds details for 30 days or until they observe widespread patching. Security researchers will likely reverse-engineer the patch to develop proof-of-concept exploits, which eventually become public. This cat-and-mouse game means that while users have a window of protection, they must apply the update before exploit code proliferates.

Several security firms have already begun analyzing the patch diff. The ANGLE project is open-source, so the fix is visible in the Chromium repository. Early analysis suggests the patch modifies a buffer allocation function in the Vulkan backend to use a checked add rather than a raw addition when computing the total size of multiple texture levels. This aligns with the typical pattern of integer overflow fixes.
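The size-calculation pattern described above (a wrapped multiplication or addition producing an undersized allocation, and a checked version rejecting it) can be shown in a few lines of C. This is an added example, not the ANGLE patch or any code from the Chromium repository: the function names, the mip-level layout and the inputs are assumptions made for illustration, and the overflow builtins require GCC or Clang.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helpers for illustration; not ANGLE functions. Needs GCC or Clang. */

/* Dimension of mip level i, clamped to 1; the guard avoids an undefined shift. */
static uint32_t mip_dim(uint32_t d, uint32_t i)
{
    return (i < 32 && (d >> i) != 0) ? (d >> i) : 1;
}

/* Raw arithmetic: 32-bit products and sums wrap silently. */
static uint32_t total_size_raw(uint32_t w, uint32_t h, uint32_t bpp, uint32_t levels)
{
    uint32_t total = 0;
    for (uint32_t i = 0; i < levels; i++)
        total += mip_dim(w, i) * mip_dim(h, i) * bpp;
    return total;
}

/* Checked arithmetic: reports failure instead of returning a wrapped size. */
static bool total_size_checked(uint32_t w, uint32_t h, uint32_t bpp, uint32_t levels,
                               uint32_t *out)
{
    uint32_t total = 0, texels, bytes;
    for (uint32_t i = 0; i < levels; i++) {
        if (__builtin_mul_overflow(mip_dim(w, i), mip_dim(h, i), &texels) ||
            __builtin_mul_overflow(texels, bpp, &bytes) ||
            __builtin_add_overflow(total, bytes, &total))
            return false;
    }
    *out = total;
    return true;
}

int main(void)
{
    uint32_t size = 0;
    /* Constructed input: 32768x32768, 4 bytes per texel, 2 levels.
       The real requirement is 5368709120 bytes, which does not fit in 32 bits. */
    printf("raw size:        %u\n", (unsigned)total_size_raw(32768, 32768, 4, 2));
    printf("checked accepts: %d\n", total_size_checked(32768, 32768, 4, 2, &size));
    /* Constructed benign input: 256x256 with a full 9-level mip chain. */
    if (total_size_checked(256, 256, 4, 9, &size))
        printf("benign size:     %u\n", (unsigned)size);
    return 0;
}
```

The raw version returns a plausible-looking size for the oversized request, which is why this class of bug survives casual review; the checked version makes the caller handle the failure before any allocation happens.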

How to check if you were attacked

Detecting exploitation of a sandbox escape is difficult without enterprise-grade endpoint detection. Most users won't notice anything unusual; the exploit chain would run silently in the background, potentially installing a persistent payload. However, if your device exhibits unexpected behavior such as unexplained data usage, battery drain, or newly installed apps, a factory reset and credential change are advisable.

For advanced users, inspecting Chrome's sandbox status at chrome://sandbox can show if any processes are running unsandboxed, but this is not a reliable indicator of a past escape. Google's official recommendation is to keep the browser updated and enable Play Protect.

The future of ANGLE security

Google continues to harden ANGLE, applying control-flow integrity (CFI) and other mitigations. On Android, Chrome uses LLVM's CFI and ShadowCallStack. However, these defenses are not perfect; a determined attacker can sometimes bypass them with information leaks. The discovery of CVE-2026-10929 proves that manual code review and continuous fuzzing remain essential.

Looking ahead, Chrome's transition to WebGPU may shift some attack surface from WebGL/OpenGL ES to a newer pipeline. WebGPU is designed with security in mind, offering a more constrained API, but its implementation in Dawn (the native backend) still must translate to Vulkan, Metal, or D3D12, potentially introducing similar issues.

CVE-2026-10929 is a stark reminder that a single click on a malicious link can compromise an entire device. As mobile browsers become more powerful and handle sensitive tasks like payments and password management, their security is paramount. Update now, and stay alert for any signs of unusual activity.