Heap Buffer Overflow in Google Chrome WebRTC Component
CVE-2026-12447

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 17 June 2026

What is CVE-2026-12447?

A vulnerability exists in the WebRTC component of Google Chrome that allows remote attackers to execute arbitrary code within a sandboxed environment by exploiting a heap buffer overflow. This can occur through a specially crafted HTML page, potentially leading to unauthorized actions within a user's browser session. It is critical for users to update their browsers to the latest version to mitigate risks associated with this vulnerability.

Affected Version(s)

Chrome 149.0.7827.155

References

https://chromereleases.googleblog.com/2026/06/stable-chan...

https://issues.chromium.org/issues/513405023

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 17, 2026
Vulnerability Reserved
Jun 16, 2026

CVE-2026-12447 Data

JSON