Skip to main content

Google Chrome Android CVE-2026-13954

| EUVDEUVD-2026-40642 MEDIUM
Improper Access Control (CWE-284)
2026-06-30 chrome-cve-admin@google.com GHSA-wpvv-pvj4-745g
6.5
CVSS 3.1 · Vendor: google
Share

Severity by source

Vendor (google) PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
vuln.today AI
6.5 MEDIUM

Network delivery with no privileges needed, user must visit crafted page (UI:R); memory disclosure yields high confidentiality loss with no integrity or availability impact.

3.1 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
SUSE
MEDIUM
qualitative

Primary rating from Vendor (google).

CVSS VectorVendor: google

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

4
Analysis Generated
Jul 01, 2026 - 02:30 vuln.today
CVSS changed
Jul 01, 2026 - 02:22 NVD
6.5 (MEDIUM)
CVE Published
Jun 30, 2026 - 23:17 cve.org
MEDIUM 6.5
CVE Published
Jun 30, 2026 - 23:17 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

Insufficient policy enforcement in XML in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

AnalysisAI

Insufficient XML policy enforcement in Google Chrome on Android (prior to 150.0.7871.47) exposes process memory contents to remote attackers who can deliver a crafted HTML page. The flaw is classified under CWE-284 (Improper Access Control), allowing the browser's XML handling to bypass intended isolation boundaries and leak potentially sensitive in-process data - such as cookies, credentials, or other runtime state - to an attacker-controlled origin. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Attacker crafts malicious HTML/XML page
Delivery
Delivers link via phishing or malvertising to Android user
Exploit
Victim opens page in unpatched Chrome for Android
Execution
Browser processes malicious XML, bypassing policy enforcement
Persist
Renderer process memory contents read across policy boundary
Impact
Sensitive in-process data exfiltrated to attacker

Vulnerability AssessmentAI

Exploitation The victim must be running Google Chrome on Android at a version strictly below 150.0.7871.47 - the vulnerability is Android-platform-specific and not reported to affect Chrome on desktop operating systems. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N places this at 6.5 Medium. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker hosts a malicious web page containing a crafted XML document and distributes the link via phishing, SMS, or malvertising targeting Android users. When a victim opens the link in an unpatched Chrome for Android, the XML processing layer fails to enforce proper policy isolation, allowing the page's script context to read regions of the browser's process memory. …
Remediation The primary fix is to update Google Chrome on Android to version 150.0.7871.47 or later, which contains the vendor-released patch as documented in the Google Chrome Stable Channel Update advisory at chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
SUSE Package Hub 15 SP7 Fixed
openSUSE Tumbleweed Fixed
SUSE Package Hub 15 SP7 Affected

Share

CVE-2026-13954 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy