CVE-2026-14149
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk23th percentile — higher than 23% of all known CVEs
Summary
A Use-After-Free vulnerability in the Audio component of Google Chrome on Linux prior to version 150.0.7871.47 allows a remote attacker to execute arbitrary code via a crafted HTML page. The issue is rated as Low severity by the Chromium security team.
Risk Assessment
An attacker can remotely execute arbitrary code on the victim's machine, potentially leading to system compromise, data theft, or malware installation.
Recommendation
Immediately update Google Chrome on Linux to version 150.0.7871.47 or later. Ensure automatic updates are enabled.
Original NVD description (English source)
Use after free in Audio in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)

