CVE-2026-13905
MediumCVSS 4.2Exploitation Probability (EPSS)
Low risk1th percentile — higher than 1% of all known CVEs
Summary
A race condition in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. The vulnerability has a medium severity rating according to Chromium.
Risk Assessment
An attacker with physical access to the device could read sensitive data from the browser's memory, posing a risk of data leakage such as passwords or session tokens.
Recommendation
Immediately update Google Chrome on iOS to version 150.0.7871.47 or later to remediate the vulnerability.
Original NVD description (English source)
Race in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. (Chromium security severity: Medium)

