First published 8 June 2026
CVSS:3.1: 9.6 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Summary
Multiple security vulnerabilities have been found in Chromium, a web browser used in IGEL OS. This affects the following product versions:
-
IGEL OS 12
-
IGEL OS 11
Details
Google reports multiple vulnerabilities in Chromium, a substantial number rated as critical, for example a use-after-free in Dawn (CVE-2026-9874) and a use-after-free in Extensions (CVE-2026-9891).
Some issues have been rated as critical by Google but are rated as high by organizations such as CISA-ADP, among them a use-after free in the Network component (CVE-2026-9873) and insufficient validation of untrusted input in UI (CVE-2026-9885).
Google’s high category contains many further memory management vulnerabilities – six use-after-free issues in the graphics engine abstraction layer ANGLE alone, many out-of-bounds accesses, and uninitialized uses in GPU and WebGL.
Further information about the 22 vulnerabilities rated as critical and the 123 rated as high can be found in the Chrome Releases Blog post referenced.
Update Instructions
-
OS 12: Upgrade the Chromium app to version 148.0.7778.215 or newer.
-
OS 11: IGEL is preparing an OS 11 release with an updated Chromium.