CVE Catalog

CVE-2026-13810

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.27%

18th percentile — higher than 18% of all known CVEs

Summary

Inappropriate implementation in Input in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Risk Assessment

An attacker could exfiltrate confidential data stored in browser memory, such as passwords, session tokens, or credit card details, leading to a breach of confidentiality and potentially further attacks.

Recommendation

Immediately update Google Chrome on Linux systems to version 150.0.7871.47 or later. Ensure automatic updates are enabled.

Original NVD description (English source)

Inappropriate implementation in Input in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS