Google

Google has a local vulnerability (CVE pending) with a low CVSS score of 3.3, discovered by researcher Seiji Sakurai, that requires local access and user interaction to expose limited confidential information. The attack vector indicates no authentication is needed and there is no impact on integrity or availability, meaning an attacker would need physical or local system access to exploit it. Security teams should monitor the July 2026 vendor deadline for the official patch and advisory details, though this low-severity issue is not immediately critical.