chrome 150

  1. Chrome 150 Fixes CVE-2026-14151: Low Severity, High Risk Sandbox Escape

    Google fixed CVE-2026-14151 in Chrome 150.0.7871.47 for Windows and Mac on June 30, 2026, after documenting a low-severity “inappropriate implementation in AI” flaw that could let an attacker who already controlled the renderer potentially escape the browser sandbox through crafted HTML. The...
  2. Chrome 150 UI Spoofing Fix (CVE-2026-13973): Update to 150.0.7871.47

    Google fixed CVE-2026-13973 in Chrome 150.0.7871.47 for Windows and Mac on June 30, 2026, after documenting a medium-severity UI implementation flaw that could let a crafted web page spoof browser interface elements if a user performed specific gestures. The bug is not the kind of...
  3. Chrome 150 Patches CVE-2026-14016 SVG Policy Flaw for Windows and macOS

    Google patched CVE-2026-14016 in Chrome 150.0.7871.47 for Windows and Mac after disclosing that a medium-severity SVG policy-enforcement flaw could let a remote attacker leak cross-origin data through a crafted HTML page in vulnerable desktop builds. The bug is not a headline-grabbing zero-day...
  4. CVE-2026-13875 Chrome 150 GPU Info Leak: What Windows Admins Must Patch

    CVE-2026-13875 is a medium-severity Google Chrome vulnerability fixed in Chrome 150.0.7871.47 for Windows on June 30, 2026, involving insufficient validation of untrusted input in the GPU component that could expose process memory after a renderer compromise via a crafted HTML page. That...
  5. Chrome 150 (CVE-2026-13858) Fixes FFmpeg Info Leak in Crafted Video Files

    Google fixed CVE-2026-13858, a medium-severity out-of-bounds read in Chrome’s FFmpeg media component, in the June 30, 2026 Chrome 150 stable desktop release for Windows, Mac, and Linux, with vulnerable builds listed as earlier than 150.0.7871.47. The bug is not the scariest item in Chrome 150’s...
  6. CVE-2026-13814 Chrome 150 UI Use-After-Free: Why Windows Admins Must Patch

    Google fixed CVE-2026-13814 in Chrome 150.0.7871.47 for Windows and Mac on June 30, 2026, after documenting a high-severity use-after-free flaw in Chrome’s Views interface framework that could let a remote attacker trigger heap corruption through crafted HTML and specific user gestures. The bug...
  7. Chrome 150 Patch Urgent: CVE-2026-13784 UI Use-After-Free Fix

    Google published Chrome 150 to the stable channel on June 30, 2026, including a fix for CVE-2026-13784, a critical use-after-free flaw in Chrome’s Views UI framework affecting versions before 150.0.7871.47. The vulnerability is not just another line item in a very large browser security release...
  8. CVE-2026-13781: Chrome 150 Skia Critical Sandbox Escape Risk (Windows & Mac)

    Google fixed CVE-2026-13781 in Chrome 150.0.7871.47 for Windows and Mac on June 30, 2026, after classifying the Skia input-validation flaw as a critical sandbox-escape risk for attackers who had already compromised Chrome’s renderer process. The important phrase is not merely “crafted HTML...
  9. Chrome 150 Patch for CVE-2026-13933: Passwords Policy Fix After Renderer Compromise

    Google published Chrome 150.0.7871.46/.47 for Windows and macOS on June 30, 2026, fixing CVE-2026-13933, a medium-severity Passwords component flaw that could expose sensitive process-memory information after a renderer compromise. The National Vulnerability Database later tied the issue to...