Skip to main content

Google Chrome CVE-2026-13950

| EUVDEUVD-2026-40638 MEDIUM
Use of Uninitialized Variable (CWE-457)
2026-06-30 chrome-cve-admin@google.com GHSA-75qx-877v-f9ff
5.3
CVSS 3.1 · Vendor: google
Share

Severity by source

Vendor (google) PRIMARY
5.3 MEDIUM
AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
vuln.today AI
5.3 MEDIUM

AC:H reflects the mandatory renderer-compromise prerequisite; PR:N because the initial attack vector requires no credentials; C:H for potentially sensitive memory leak; I:N and A:N as no write or denial impact exists.

3.1 AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
4.0 AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
SUSE
MEDIUM
qualitative

Primary rating from Vendor (google).

CVSS VectorVendor: google

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

4
Analysis Generated
Jul 01, 2026 - 02:30 vuln.today
CVSS changed
Jul 01, 2026 - 02:22 NVD
5.3 (MEDIUM)
CVE Published
Jun 30, 2026 - 23:17 cve.org
MEDIUM 5.3
CVE Published
Jun 30, 2026 - 23:17 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

Uninitialized Use in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

AnalysisAI

Uninitialized GPU memory use in Google Chrome prior to 150.0.7871.47 enables a remote attacker who has already compromised the renderer process to read sensitive data from GPU process memory by delivering a crafted HTML page. This is a second-stage information disclosure primitive - exploitation is contingent on a prior renderer compromise, making it a component of a multi-vulnerability attack chain rather than a standalone critical issue. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Deliver malicious HTML page to target
Delivery
Exploit separate renderer vulnerability
Exploit
Gain renderer process code execution
Execution
Craft malformed GPU IPC calls
Persist
Trigger uninitialized GPU memory read
Impact
Exfiltrate sensitive process memory contents

Vulnerability AssessmentAI

Exploitation Exploitation requires two preconditions: first, the attacker must have already achieved code execution within Chrome's renderer process via a separate vulnerability - this is a significant prerequisite that substantially limits the attacker pool to sophisticated actors. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N) scores 5.3 (Medium), and the metric choices are coherent with the vulnerability behavior: AC:H correctly captures the prerequisite renderer compromise, and C:H reflects the potential to leak sensitive process memory contents. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker targeting a specific individual first delivers a renderer exploit via a malicious or compromised webpage - such as a JavaScript engine or HTML parser vulnerability - to achieve code execution within Chrome's sandboxed renderer process. Once the renderer is under control, the attacker issues crafted GPU IPC messages designed to trigger the uninitialized variable read in the GPU process, receiving leaked memory contents (which may include credentials, tokens, or other sensitive data residing in GPU process memory) back into the renderer. …
Remediation The primary fix is to update Google Chrome to version 150.0.7871.47 or later via the browser's built-in update mechanism (Settings → Help → About Google Chrome) or through enterprise deployment tools; the patch is confirmed available from Google per the stable channel advisory at http://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
SUSE Package Hub 15 SP7 Fixed
openSUSE Tumbleweed Fixed
SUSE Package Hub 15 SP7 Affected

Share

CVE-2026-13950 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy