First published 16 June 2026
CVSS:3.1: 8.3 (High)
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Summary
Multiple security vulnerabilities have been found in Chromium, a web browser used in IGEL OS. This affects the following product versions:
-
IGEL OS 12
-
IGEL OS 11
Details
Google reports multiple critical vulnerabilities, but these are rated high by other sources such as CISA-ADP and Red Hat: Use-after-free issues in the Chromium components Ozone (CVE-2026-11629), File Input (CVE-2026-11630), TabStrip (CVE-2026-11632), Web Apps (CVE-2026-11642), Proxy (CVE-2026-11643) and Views (CVE-2026-11644), as well as an integer overflow in libyuv, a library for the color encoding system YUV (CVE-2026-11640).
The JavaScript Engine V8 contains two instances of use-after-free (CVE-2026-11649 and CVE-2026-11650), which are rated high. Insufficient validation of untrusted input affects the components Input (CVE-2026-11666), Skia (CVE-2026-11675), Dawn (CVE-2026-11676) and Views (CVE-2026-11682, all high).
In total, the Chrome Releases Blog post (see References) lists 55 issues rated high.
Update Instructions
-
OS 12: Upgrade the Chromium app to version 149.0.7827.102 or newer.
-
OS 11: IGEL OS 11 will reach End of Maintenance in June 2026. To ensure continued access to security updates and support, we recommend migrating to IGEL OS 12.
References
Chrome Releases Blog: https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0153744567.html