Skip to main content

Google Chrome EUVDEUVD-2026-40742

| CVE-2026-14055 CRITICAL
Improper Input Validation (CWE-20)
2026-06-30 chrome-cve-admin@google.com GHSA-fhx7-pv78-v4ww
9.6
CVSS 3.1 · Vendor: google
Share

Severity by source

Vendor (google) PRIMARY
9.6 CRITICAL
AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
vuln.today AI
8.3 HIGH

Requires a pre-existing renderer compromise plus victim interaction, so AC:H and UI:R; the sandbox escape crosses the isolation boundary (S:C) with full C/I/A impact at browser-process level.

3.1 AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
4.0 AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
SUSE
CRITICAL
qualitative

Primary rating from Vendor (google).

CVSS VectorVendor: google

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
Jul 01, 2026 - 14:30 vuln.today
CVSS changed
Jul 01, 2026 - 14:22 NVD
9.6 (CRITICAL)
CVE Published
Jun 30, 2026 - 23:17 cve.org
UNKNOWN (no severity yet)
CVE Published
Jun 30, 2026 - 23:17 cve.org
CRITICAL 9.6

DescriptionCVE.org

Insufficient validation of untrusted input in Device Trust in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

AnalysisAI

Sandbox escape in Google Chrome on Windows prior to 150.0.7871.47 lets a remote attacker who has already compromised the renderer process break out of the browser sandbox by feeding crafted input to the Device Trust component via a malicious HTML page. NVD scores this 9.6 (Critical) while Google rates the Chromium security severity as Low, and there is no public exploit identified at time of analysis. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Compromise renderer via separate bug
Delivery
Serve crafted HTML page
Exploit
Send malformed input to Device Trust
Execution
Trigger input-validation flaw
Persist
Escape renderer sandbox
Impact
Execute at browser-process privilege

Vulnerability AssessmentAI

Exploitation Exploitation requires that the attacker has ALREADY compromised the renderer process (per the description) and then delivers a crafted HTML page that the victim renders - the CVSS UI:R confirms user interaction (visiting/loading a page) is needed. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The signals conflict sharply and must be weighed carefully. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker first exploits a separate renderer vulnerability (e.g., via a malicious ad or compromised site the victim visits) to gain code execution inside Chrome's sandboxed renderer, then serves a crafted HTML page that sends malformed input to the Device Trust component to escape the sandbox and run at browser-process privilege. This is a chained, targeted scenario; no public exploit code has been identified at time of analysis, and success depends on already holding a renderer foothold.
Remediation Vendor-released patch: update Google Chrome to 150.0.7871.47 or later on Windows via the Stable Channel update (https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html); most managed and consumer installs auto-update, so ensure the browser is fully restarted to apply the new build and push the release through enterprise update policies. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

24 hours: Confirm Chrome auto-update is enabled and test Chrome 150.0.7871.47 in staging. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Critical
Product Status
SUSE Package Hub 15 SP7 Fixed
openSUSE Tumbleweed Fixed
SUSE Package Hub 15 SP7 Affected

Share

EUVD-2026-40742 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy