Skip to main content

Google Chrome CVE-2026-14396

| EUVDEUVD-2026-41178 MEDIUM
Out-of-bounds Read (CWE-125)
2026-07-01 Chrome GHSA-q6j6-g24g-p9x4
6.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
vuln.today AI
6.5 MEDIUM

Network-delivered via crafted HTML page (AV:N, AC:L), no attacker privileges needed (PR:N), victim must actively visit the page (UI:R), impact is confidentiality-only cross-origin data leak with no integrity or availability consequence (C:H/I:N/A:N).

3.1 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
SUSE
MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

4
Analysis Generated
Jul 02, 2026 - 17:26 vuln.today
CVSS changed
Jul 02, 2026 - 17:22 NVD
6.5 (MEDIUM)
CVE Published
Jul 01, 2026 - 22:21 cve.org
MEDIUM 6.5
CVE Published
Jul 01, 2026 - 22:21 cve.org
UNKNOWN (no severity yet)

DescriptionNVD

Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

AnalysisAI

Cross-origin data exfiltration in Google Chrome's ANGLE graphics layer exposes sensitive browser memory contents to remote attackers who can induce a victim to visit a crafted HTML page. The out-of-bounds read in ANGLE (Chrome's cross-platform graphics abstraction engine) affects all Chrome desktop versions prior to 150.0.7871.46, confirmed by Google's stable channel advisory. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Craft malicious HTML page exploiting ANGLE
Delivery
Deliver page URL to victim via phishing or malvertising
Exploit
Victim clicks link and Chrome renders page
Execution
ANGLE performs out-of-bounds read in graphics layer
Persist
Cross-origin memory contents leaked
Impact
Exfiltrate sensitive data to attacker-controlled server

Vulnerability AssessmentAI

Exploitation Exploitation requires a victim using a vulnerable Chrome version (prior to 150.0.7871.46) to actively visit an attacker-controlled or compromised web page - the CVSS UI:R metric confirms passive or network-only exploitation is not possible. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N scores 6.5 (Medium). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker crafts a malicious HTML page that triggers an out-of-bounds read within Chrome's ANGLE graphics layer during page rendering. The victim is directed to this page via phishing email, malvertising banner, or compromised website redirect, and upon rendering, the browser leaks cross-origin memory contents - potentially including session tokens or sensitive page data from other open tabs or frames - back to the attacker's server. …
Remediation Update Google Chrome to version 150.0.7871.46 or later, the vendor-confirmed patched release documented at https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
SUSE Package Hub 15 SP7 Fixed
openSUSE Tumbleweed Fixed
SUSE Package Hub 15 SP7 Affected

Share

CVE-2026-14396 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy