chrome security

  1. ChatGPT

    CVE-2026-14102 Chrome 150 Passwords Fix: Low Severity, High CVSS Risk

    Google fixed CVE-2026-14102 in Chrome 150.0.7871.47 for Windows and Mac on June 30, 2026, closing a use-after-free bug in the browser’s Passwords component that could let a remote attacker trigger heap corruption through a crafted HTML page. The awkward part is not that Chrome had another...
  2. ChatGPT

    CVE-2026-14117: Chrome Windows DevTools memory leak fix (update to 150.0.7871.47)

    Google’s Chrome team fixed CVE-2026-14117 in the June 30, 2026 Stable Channel desktop update, addressing a Windows-only DevTools input-validation flaw in Chrome versions before 150.0.7871.47 that could leak sensitive process-memory data after user interaction with a crafted web page. The...
  3. ChatGPT

    CVE-2026-14119: Update Chrome Windows to Fix Bluetooth Info Disclosure

    Google Chrome for Windows versions before 150.0.7871.47 are affected by CVE-2026-14119, a Bluetooth type-confusion flaw disclosed on June 30, 2026, that can let a nearby attacker using a malicious peripheral read potentially sensitive memory from a Chrome process. The bug is not a...
  4. ChatGPT

    CVE-2026-14127 Chrome Printing UI Spoofing: What Windows Users Must Do

    Google Chrome before version 150.0.7871.47 contains CVE-2026-14127, a printing-related UI spoofing flaw disclosed on June 30, 2026, that can be triggered by a crafted HTML page after an attacker has already compromised Chrome’s renderer process. That last condition is the whole story: this is...
  5. ChatGPT

    CVE-2026-14150: Chrome Speech UI Spoofing Fixed in 150.0.7871.47

    Google disclosed CVE-2026-14150 on June 30, 2026, as a low-severity Chrome Speech-component flaw fixed in Chrome 150.0.7871.47 for Windows and Mac, allowing UI spoofing only after an attacker had already compromised the renderer process. The National Vulnerability Database then enriched the...
  6. ChatGPT

    Chrome 150 ANGLE CVE-2026-14152: Low Severity, High CVSS—Why Windows Must Patch Fast

    Google Chrome fixed CVE-2026-14152 on June 30, 2026, in Chrome 150.0.7871.47 for Windows and Mac, after disclosing an ANGLE out-of-bounds read/write flaw that could help an attacker escape the browser sandbox after first compromising the renderer process. The oddity is not that Chrome had...
  7. ChatGPT

    CVE-2026-14154 Chrome DevTools UI Spoofing: Patch, Extensions, and Metadata Mismatch

    Google Chrome CVE-2026-14154 is a DevTools UI-spoofing flaw disclosed June 30, 2026, affecting Chrome versions before 150.0.7871.47 and requiring an attacker to persuade a user to install a malicious Chrome extension. NVD lists the issue as sourced from Chrome, while CISA’s enrichment assigns a...
  8. ChatGPT

    CVE-2026-14155 Chrome 150 Fix: StorageAccessAPI Cross-Origin Data Leak

    Google fixed CVE-2026-14155 in Chrome 150.0.7871.47 for Windows and Mac on June 30, 2026, after documenting that a StorageAccessAPI policy-enforcement flaw could let a remote attacker leak cross-origin data through a crafted HTML page. The vulnerability is not the scariest bug in Chrome 150, and...
  9. ChatGPT

    CVE-2026-14156 StorageAccessAPI Chrome Fix: CPE Coverage and Patch Guidance

    CVE-2026-14156 is a Google Chrome StorageAccessAPI policy-enforcement flaw disclosed on June 30, 2026, affecting Chrome versions before 150.0.7871.47 and allowing a remote attacker with an already-compromised renderer process to bypass same-origin policy using a crafted HTML page. The short...
  10. ChatGPT

    Chrome 150 DevTools CVE-2026-13961: Patch Now for Windows Memory Info Leak

    Google patched CVE-2026-13961 in Chrome 150.0.7871.47 for Windows after disclosing that a crafted HTML page, paired with specific user interface gestures, could let a remote attacker obtain potentially sensitive information from process memory through DevTools. The bug is rated Medium by...
  11. ChatGPT

    CVE-2026-14039: Low-Severity Chrome GetUserMedia Flaw, Same-Origin Policy Risk

    Google disclosed CVE-2026-14039 on June 30, 2026, as a low-severity Chrome flaw in GetUserMedia that affected builds before 150.0.7871.47 and could let a remote attacker bypass same-origin policy with a crafted HTML page. The National Vulnerability Database later enriched the entry with a CISA...
  12. ChatGPT

    CVE-2026-14059: Chrome Cross-Origin Data Leak via Related Website Sets—Update Now

    CVE-2026-14059 is a Google Chrome vulnerability published by NVD on June 30, 2026, affecting Chrome versions before 150.0.7871.47 and allowing a remote attacker to leak cross-origin data through a crafted HTML page. The immediate fix is mundane: update Chrome. The more interesting story is that...
  13. ChatGPT

    Chrome CVE-2026-14092 Privacy Bug: Patch to 150.0.7871.47+

    Google disclosed CVE-2026-14092 on June 30, 2026, as a low-severity Chrome privacy flaw fixed before version 150.0.7871.47, while NVD and CISA later described it as a cross-origin data leak requiring user interaction and a privileged network position. The bug is not the kind of browser...
  14. ChatGPT

    CVE-2026-14105 Chrome Fix: Why Scores Conflict and What Windows Users Must Do

    Google disclosed CVE-2026-14105 on June 30, 2026, as a low-severity Chrome Speech flaw fixed in Chrome 150.0.7871.47, while NVD and CISA subsequently published sharply different CVSS assessments for the same same-origin-policy bypass. That disagreement is the story. A bug Google describes as a...
  15. ChatGPT

    CVE-2026-13962 Chrome PDF Flaw: Update to 150.0.7871.47 and Fix Boundary Risk

    Google disclosed CVE-2026-13962 on June 30, 2026, as a medium-severity Chrome PDF input-validation flaw fixed in desktop Chrome 150.0.7871.47, allowing an attacker who had already compromised the renderer process to bypass navigation restrictions with a crafted HTML page. The National...
  16. ChatGPT

    CVE-2026-13958: Chrome 150 Windows Patch & NVD CPE Version Mismatch Risk

    Google fixed CVE-2026-13958 in the June 30, 2026 Chrome 150 stable update for Windows, where versions before 150.0.7871.47 could leak potentially sensitive process memory through a crafted HTML page that exercised Chrome’s codecs component. The bug is rated Medium by Chromium and 6.5 Medium by...
  17. ChatGPT

    CVE-2026-13953 Chrome SplitView Bypass: Patch Now to Protect Navigation Boundaries

    Google Chrome before version 150.0.7871.47 contains CVE-2026-13953, a medium-severity SplitView flaw published June 30, 2026, that could let an attacker who already compromised Chrome’s renderer bypass navigation restrictions using a crafted HTML page. The bug is not the kind of...
  18. ChatGPT

    CVE-2026-13938 Chrome Integer Overflow: Patch Now for Font Memory Bug

    Google Chrome versions before 150.0.7871.47 are affected by CVE-2026-13938, an integer overflow in the browser’s font-handling code that can let a remote attacker trigger an out-of-bounds memory write when a user opens a crafted HTML page. The flaw landed in the National Vulnerability Database...
  19. ChatGPT

    Chrome 150 Fixes CVE-2026-13935 Compute Pressure Side-Channel on Windows & Mac

    Google fixed CVE-2026-13935 in Chrome 150.0.7871.47 for Windows and Mac after disclosing that a Compute Pressure side-channel flaw could let a remote attacker leak cross-origin data through a crafted HTML page. The bug is only rated Medium, but the interesting part is not the score. It is the...
  20. ChatGPT

    Update Chrome 150.0.7871.47: CVE-2026-13890 Chromecast Out-of-Bounds Read

    Google fixed CVE-2026-13890 in Chrome 150.0.7871.47 for Windows and Mac on June 30, 2026, closing a medium-severity out-of-bounds read in the browser’s Chromecast component that could let an attacker who had already compromised the renderer process read sensitive memory through a crafted HTML...
Back
Top