Skip to main content

Google Chrome EUVDEUVD-2026-40597

| CVE-2026-13911 MEDIUM
Improper Input Validation (CWE-20)
2026-06-30 chrome-cve-admin@google.com GHSA-2w8q-jwxq-9mrg
5.3
CVSS 3.1 · Vendor: google
Share

Severity by source

Vendor (google) PRIMARY
5.3 MEDIUM
AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
vuln.today AI
5.3 MEDIUM

AC:H captures the mandatory renderer-compromise prerequisite; C:H reflects direct process memory read; no integrity or availability impact exists.

3.1 AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
4.0 AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
SUSE
MEDIUM
qualitative

Primary rating from Vendor (google).

CVSS VectorVendor: google

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

4
Analysis Generated
Jul 01, 2026 - 02:27 vuln.today
CVSS changed
Jul 01, 2026 - 02:22 NVD
5.3 (MEDIUM)
CVE Published
Jun 30, 2026 - 23:17 cve.org
UNKNOWN (no severity yet)
CVE Published
Jun 30, 2026 - 23:17 cve.org
MEDIUM 5.3

DescriptionCVE.org

Insufficient policy enforcement in Spellcheck in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

AnalysisAI

Insufficient policy enforcement in the Spellcheck component of Google Chrome prior to 150.0.7871.47 exposes process memory to attackers who have already achieved renderer process compromise. The vulnerability enables a second-stage information disclosure step in a chained attack: after compromising the renderer, the attacker serves a crafted HTML page that exploits the Spellcheck policy gap to read potentially sensitive data from memory. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Deliver malicious page to Chrome user
Delivery
Exploit separate renderer vulnerability
Exploit
Compromise renderer process
Execution
Serve crafted HTML triggering Spellcheck flaw
Persist
Read sensitive data from process memory
Impact
Exfiltrate captured memory contents

Vulnerability AssessmentAI

Exploitation Exploitation requires that the attacker has already compromised the Chrome renderer process via a separate vulnerability - this is an explicit prerequisite stated in the CVE description ('a remote attacker who had compromised the renderer process'). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N yields a base score of 5.3 (Medium). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has separately exploited a renderer-process vulnerability in Chrome - for example, a JavaScript engine type-confusion bug - then serves a crafted HTML page designed to trigger the Spellcheck policy enforcement flaw, causing the compromised renderer to read and exfiltrate memory regions containing potentially sensitive data such as credentials, tokens, or page content from other contexts. No public proof-of-concept code for this specific vulnerability has been identified, and it would realistically appear as a chained second stage in a full browser exploit rather than as a standalone attack.
Remediation Update Google Chrome to version 150.0.7871.47 or later, which includes the Spellcheck policy enforcement fix per the vendor stable channel advisory at https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
SUSE Package Hub 15 SP7 Fixed
openSUSE Tumbleweed Fixed
SUSE Package Hub 15 SP7 Affected

Share

EUVD-2026-40597 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy