CVE Catalog

CVE-2026-13833

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.29%

21th percentile — higher than 21% of all known CVEs

Summary

An uninitialized use vulnerability in the ANGLE component of Google Chrome on Mac prior to version 150.0.7871.47 allows a remote attacker to leak cross-origin data via a crafted HTML page.

Risk Assessment

The risk involves potential theft of sensitive data from other origins, such as session tokens or personal information, which could lead to privacy breaches and further attacks.

Recommendation

Immediately update Google Chrome on Mac systems to version 150.0.7871.47 or later, which includes a fix for this vulnerability.

Original NVD description (English source)

Uninitialized Use in ANGLE in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS