CVE-2026-14422
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk19th percentile — higher than 19% of all known CVEs
Summary
An out-of-bounds read and write vulnerability in the Tint component of Google Chrome prior to version 150.0.7871.46 allows a remote attacker to potentially perform out-of-bounds memory access via a crafted HTML page. The issue is rated as high severity.
Risk Assessment
An attacker could exploit this vulnerability to gain unauthorized memory access in the browser, potentially leading to data leakage or arbitrary code execution.
Recommendation
Immediately update Google Chrome to version 150.0.7871.46 or later to remediate the vulnerability.
Original NVD description (English source)
Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

