CVE Catalog

CVE-2026-14422

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.27%

19th percentile — higher than 19% of all known CVEs

Summary

An out-of-bounds read and write vulnerability in the Tint component of Google Chrome prior to version 150.0.7871.46 allows a remote attacker to potentially perform out-of-bounds memory access via a crafted HTML page. The issue is rated as high severity.

Risk Assessment

An attacker could exploit this vulnerability to gain unauthorized memory access in the browser, potentially leading to data leakage or arbitrary code execution.

Recommendation

Immediately update Google Chrome to version 150.0.7871.46 or later to remediate the vulnerability.

Original NVD description (English source)

Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS