Severity by source
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AV:A confirmed by Cast's local-network-only protocol scope; PR:N as no credentials are needed to send Cast traffic; C:H for uninitialized memory leakage; I:N and A:N as no write or availability impact exists.
Primary rating from Vendor (google).
CVSS VectorVendor: google
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
4DescriptionCVE.org
Uninitialized Use in Cast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via malicious network traffic. (Chromium security severity: Medium)
AnalysisAI
Uninitialized memory exposure in Google Chrome's Cast component prior to 150.0.7871.47 allows an unauthenticated attacker on the same local network segment to leak sensitive contents from the browser's process memory via malicious Cast protocol traffic. The root cause is CWE-457 (Use of Uninitialized Variable): memory allocated for Cast operations is not zeroed before use, allowing residual in-memory data - potentially including credentials, session tokens, or cached page content - to be disclosed in responses to crafted network input. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation strictly requires the attacker to be on the same local network segment as the victim (AV:A - adjacent network only; internet-based remote exploitation is not possible). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The NVD CVSS 3.1 score of 6.5 (Medium) with vector AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N accurately captures the threat profile. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker connected to the same Wi-Fi network as a user running an unpatched Chrome browser - for example, at a coffee shop or shared office - sends specially crafted Cast protocol discovery or control messages to the victim's browser. The malformed traffic triggers the uninitialized memory read in Chrome's Cast component, causing the browser to inadvertently return or expose uninitialized memory bytes in its response. … |
| Remediation | Update Google Chrome to version 150.0.7871.47 or later, as documented in Google's Stable Channel Update advisory at https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-457 – Use of Uninitialized Variable
View allSame technique Information Disclosure
View allVendor StatusVendor
SUSE
Severity: Moderate| Product | Status |
|---|---|
| SUSE Package Hub 15 SP7 | Fixed |
| openSUSE Tumbleweed | Fixed |
| SUSE Package Hub 15 SP7 | Affected |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-40628
GHSA-3m3v-363x-rf9h