Skip to main content

Google Chrome CVE-2026-14069

| EUVDEUVD-2026-40756 MEDIUM
External Control of Assumed-Immutable Web Parameter (CWE-472)
2026-06-30 chrome-cve-admin@google.com GHSA-qqx3-3r9q-jch9
6.5
CVSS 3.1 · Vendor: google
Share

Severity by source

Vendor (google) PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
vuln.today AI
6.5 MEDIUM

Network-delivered via crafted HTML with no attacker privileges; victim must visit the page (UI:R); only confidentiality is impacted through memory disclosure, no integrity or availability effect.

3.1 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
SUSE
MEDIUM
qualitative

Primary rating from Vendor (google).

CVSS VectorVendor: google

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

4
Analysis Generated
Jul 01, 2026 - 02:40 vuln.today
CVSS changed
Jul 01, 2026 - 02:22 NVD
6.5 (None) 6.5 (MEDIUM)
CVE Published
Jun 30, 2026 - 23:17 cve.org
UNKNOWN (no severity yet)
CVE Published
Jun 30, 2026 - 23:17 cve.org
MEDIUM 6.5

DescriptionCVE.org

Integer overflow in WebNN in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)

AnalysisAI

Integer overflow in the WebNN component of Google Chrome prior to 150.0.7871.47 allows an unauthenticated remote attacker to read potentially sensitive data from Chrome's process memory. Exploitation requires convincing a victim to visit a crafted HTML page, placing this in the class of user-interaction-dependent browser memory disclosure vulnerabilities. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Attacker hosts crafted WebNN HTML page
Delivery
Victim clicks phishing link or visits compromised site
Exploit
Chrome parses and executes malicious WebNN graph
Execution
Integer overflow triggered in WebNN component
Persist
Out-of-bounds renderer process memory read
Impact
Memory contents exposed to attacker-controlled JavaScript context

Vulnerability AssessmentAI

Exploitation The victim must be running Google Chrome prior to 150.0.7871.47 on a desktop platform and must actively navigate to or be redirected to an attacker-controlled or compromised HTML page (CVSS UI:R). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 base score of 6.5 (Medium) is driven by C:H (high confidentiality impact via memory disclosure) against a network-reachable, zero-privilege attack path, tempered by UI:R (requires victim interaction) and S:U (unchanged scope, Chrome sandbox contains the blast radius). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker crafts an HTML page that invokes the WebNN API with specially constructed tensor dimensions or graph parameters designed to trigger the integer overflow in Chrome's WebNN implementation. When a victim on an unpatched Chrome desktop browser visits the page - via phishing link, malvertising, or compromised site injection - the overflow causes Chrome to read and return out-of-bounds process memory to the attacker-controlled JavaScript context. …
Remediation Update Google Chrome to version 150.0.7871.47 or later immediately; this is the vendor-confirmed fixed release per the Stable Channel Update advisory at http://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
SUSE Package Hub 15 SP7 Fixed
openSUSE Tumbleweed Fixed
SUSE Package Hub 15 SP7 Affected

Share

CVE-2026-14069 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy