Skip to main content

Google Chrome CVE-2026-14150

| EUVDEUVD-2026-40837 MEDIUM
Improper Input Validation (CWE-20)
2026-06-30 chrome-cve-admin@google.com GHSA-jgqx-24xr-rw55
5.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.4 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
vuln.today AI
4.2 MEDIUM

AC:H reflects the mandatory renderer-process compromise prerequisite; UI:R for required user page visit; C:L/I:L captures limited spoofing impact with no availability effect.

3.1 AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
4.0 AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
SUSE
MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

4
Analysis Generated
Jul 01, 2026 - 16:08 vuln.today
CVSS changed
Jul 01, 2026 - 16:07 NVD
4.3 (None) 5.4 (MEDIUM)
CVE Published
Jun 30, 2026 - 23:17 cve.org
UNKNOWN (no severity yet)
CVE Published
Jun 30, 2026 - 23:17 nvd
MEDIUM 5.4

DescriptionNVD

Insufficient validation of untrusted input in Speech in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

AnalysisAI

UI spoofing via the Speech component in Google Chrome prior to 150.0.7871.47 requires an attacker to have already compromised the renderer process, making this a chained, second-stage exploit rather than a standalone remote attack. The vulnerability stems from insufficient input validation (CWE-20) in Chrome's Speech subsystem, enabling a renderer-compromised attacker to manipulate browser UI elements through a crafted HTML page. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Serve crafted HTML to target user
Delivery
Exploit separate renderer vulnerability to gain process control
Exploit
Access Speech subsystem from compromised renderer
Execution
Trigger insufficient input validation
Persist
Spoof browser UI elements
Impact
Deceive user into attacker-desired action

Vulnerability AssessmentAI

Exploitation Exploitation requires two sequential, mandatory conditions: first, the attacker must have already achieved compromise of the Google Chrome renderer process via a separate, independent vulnerability not related to CVE-2026-14150; second, the target user must visit or interact with a crafted HTML page under the attacker's control (UI:R). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Real-world risk is low despite the CVSS 5.4 Medium score, primarily because exploitation requires a pre-existing renderer process compromise - a high-cost prerequisite that places this vulnerability firmly in the 'chained exploit' category rather than standalone risk. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has already achieved renderer process compromise through a separate, higher-severity vulnerability (for example, a memory corruption flaw in Chrome's JavaScript engine) serves a crafted HTML page to a targeted user. The malicious page leverages the insufficient Speech input validation to spoof browser UI elements - such as a fake security dialog or address bar content - deceiving the user into believing they are interacting with a trusted site or granting a permission they would otherwise reject. …
Remediation Upgrade Google Chrome to version 150.0.7871.47 or later, which resolves this vulnerability per the vendor advisory at https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
SUSE Package Hub 15 SP7 Fixed
openSUSE Tumbleweed Fixed
SUSE Package Hub 15 SP7 Affected

Share

CVE-2026-14150 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy