CVE-2026-14386
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk18th percentile — higher than 18% of all known CVEs
Summary
An out-of-bounds read vulnerability in the ANGLE component of Google Chrome prior to version 150.0.7871.46 allows a remote attacker to read sensitive information from process memory via a crafted HTML page. The issue is rated as High severity.
Risk Assessment
An attacker could extract potentially sensitive data from process memory, leading to exposure of confidential information such as passwords, encryption keys, or user data.
Recommendation
Immediately update Google Chrome to version 150.0.7871.46 or later. Ensure the update is applied across all workstations in the organization.
Original NVD description (English source)
Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

