First published 4 May 2026
CVSS:3.1: 9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple security vulnerabilities have been found in Chromium, a web browser used in IGEL OS. This affects the following product versions:
-
IGEL OS 12
-
IGEL OS 11
Details
A critical vulnerability has been discovered in Chromium’s Canvas component. The use-after-free issue can allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page (CVE-2026-7363).
Further issues of the use-after-free type have also been found in the GPU (CVE-2026-7333), ANGLE (CVE-2026-7359), Animation (CVE-2026-7358) and Views components (CVE-2026-7334), and they are rated high. In total, 24 highs have been found in Chromium – the referenced blog post contains the full list.
Update Instructions
-
OS 12: Upgrade the Chromium app to version 147.0.7727.137 or newer as soon as it is available.
-
OS 11: Upgrade to IGEL OS 11.11.150 as soon as it is available.
References
-
Chrome Releases Blog: https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_28.html