Severity by source
AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
AC:H reflects the mandatory renderer-compromise prerequisite; PR:N because the initial attack vector requires no credentials; C:H for potentially sensitive memory leak; I:N and A:N as no write or denial impact exists.
Primary rating from Vendor (google).
CVSS VectorVendor: google
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Lifecycle Timeline
4DescriptionCVE.org
Uninitialized Use in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
AnalysisAI
Uninitialized GPU memory use in Google Chrome prior to 150.0.7871.47 enables a remote attacker who has already compromised the renderer process to read sensitive data from GPU process memory by delivering a crafted HTML page. This is a second-stage information disclosure primitive - exploitation is contingent on a prior renderer compromise, making it a component of a multi-vulnerability attack chain rather than a standalone critical issue. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires two preconditions: first, the attacker must have already achieved code execution within Chrome's renderer process via a separate vulnerability - this is a significant prerequisite that substantially limits the attacker pool to sophisticated actors. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N) scores 5.3 (Medium), and the metric choices are coherent with the vulnerability behavior: AC:H correctly captures the prerequisite renderer compromise, and C:H reflects the potential to leak sensitive process memory contents. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker targeting a specific individual first delivers a renderer exploit via a malicious or compromised webpage - such as a JavaScript engine or HTML parser vulnerability - to achieve code execution within Chrome's sandboxed renderer process. Once the renderer is under control, the attacker issues crafted GPU IPC messages designed to trigger the uninitialized variable read in the GPU process, receiving leaked memory contents (which may include credentials, tokens, or other sensitive data residing in GPU process memory) back into the renderer. … |
| Remediation | The primary fix is to update Google Chrome to version 150.0.7871.47 or later via the browser's built-in update mechanism (Settings → Help → About Google Chrome) or through enterprise deployment tools; the patch is confirmed available from Google per the stable channel advisory at http://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-457 – Use of Uninitialized Variable
View allSame technique Information Disclosure
View allVendor StatusVendor
SUSE
Severity: Moderate| Product | Status |
|---|---|
| SUSE Package Hub 15 SP7 | Fixed |
| openSUSE Tumbleweed | Fixed |
| SUSE Package Hub 15 SP7 | Affected |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-40638
GHSA-75qx-877v-f9ff