Skip to main content

Google Chrome CVE-2026-13884

| EUVDEUVD-2026-40570 HIGH
Heap-based Buffer Overflow (CWE-122)
2026-06-30 chrome-cve-admin@google.com GHSA-4pmm-4ff4-v6hc
8.8
CVSS 3.1 · Vendor: google
Share

Severity by source

Vendor (google) PRIMARY
8.8 HIGH
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
8.8 HIGH

Cast traffic requires adjacent-network position (AV:A) with no auth or interaction; a heap overflow yielding code execution gives full C/I/A impact.

3.1 AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
4.0 AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
SUSE
HIGH
qualitative

Primary rating from Vendor (google).

CVSS VectorVendor: google

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
Jul 01, 2026 - 14:25 vuln.today
CVSS changed
Jul 01, 2026 - 14:22 NVD
8.8 (HIGH)
CVE Published
Jun 30, 2026 - 23:17 cve.org
UNKNOWN (no severity yet)
CVE Published
Jun 30, 2026 - 23:17 cve.org
HIGH 8.8

DescriptionCVE.org

Integer overflow in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Medium)

AnalysisAI

Heap-based integer overflow in Google Chrome's Chromecast component allows an adjacent-network attacker to achieve arbitrary code execution against browsers running versions prior to 150.0.7871.47. The flaw is reachable via crafted malicious network traffic and carries a high CVSS of 8.8; Google has shipped a stable-channel fix, and no public exploit has been identified at time of analysis. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain adjacent-network position on victim LAN
Delivery
Send crafted Cast/streaming traffic
Exploit
Trigger integer overflow in Chromecast parser
Execution
Corrupt heap via out-of-bounds write
Persist
Hijack control flow
Impact
Execute arbitrary code in Chrome process

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to reach the victim over the local/adjacent network (CVSS AV:A) and to deliver malicious traffic to Chrome's Chromecast component - implying the browser is processing Cast discovery or streaming traffic. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals are mixed. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker on the same local network (e.g., a shared corporate LAN, guest Wi-Fi, or a compromised IoT device) sends specially crafted Cast/streaming traffic to a victim's Chrome browser. The malformed length field triggers the integer overflow and heap overflow in the Chromecast parser, corrupting memory and executing attacker-controlled code in the browser process without any user click. …
Remediation Vendor-released patch: update Google Chrome to 150.0.7871.47 or later via the Stable Channel Update; most installations receive this through Chrome's automatic updater, so ensure auto-update is enabled and restart the browser to apply it (verify via chrome://settings/help). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all Chrome deployments on your network, prioritizing systems connected to shared or less-isolated networks. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Important
Product Status
SUSE Package Hub 15 SP7 Fixed
openSUSE Tumbleweed Fixed
SUSE Package Hub 15 SP7 Affected

Share

CVE-2026-13884 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy