CVE Catalog

CVE-2026-14386

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.26%

18th percentile — higher than 18% of all known CVEs

Summary

An out-of-bounds read vulnerability in the ANGLE component of Google Chrome prior to version 150.0.7871.46 allows a remote attacker to read sensitive information from process memory via a crafted HTML page. The issue is rated as High severity.

Risk Assessment

An attacker could extract potentially sensitive data from process memory, leading to exposure of confidential information such as passwords, encryption keys, or user data.

Recommendation

Immediately update Google Chrome to version 150.0.7871.46 or later. Ensure the update is applied across all workstations in the organization.

Original NVD description (English source)

Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS