CVE-2026-13975
MediumCVSS 5.3Exploitation Probability (EPSS)
Low risk16th percentile — higher than 16% of all known CVEs
Summary
An out-of-bounds read vulnerability in the ANGLE component of Google Chrome on Mac allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page.
Risk Assessment
The risk involves potential leakage of sensitive data from browser memory, such as passwords, session tokens, or cryptographic keys, which could lead to further attack escalation or identity theft.
Recommendation
Immediately update Google Chrome to version 150.0.7871.47 or later on all Mac computers in the organization. Restart the browser after the update.
Original NVD description (English source)
Out of bounds read in ANGLE in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

