You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2026-12014
About this tag
CVE-2026-12014 is a high-severity use-after-free vulnerability in Google Chrome's Cast component, affecting versions before 149.0.7827.115. Published by NVD on June 11, 2026, the flaw could allow an attacker on the local network to potentially escape the browser sandbox via malicious network traffic. Discussions on WindowsForum highlight a metadata issue: the initial CPE configuration in NVD may exclude versions before 149.0.7827.114, while the vendor fix targets 149.0.7827.115, creating confusion for automated patch compliance. Users and IT administrators should verify Chrome is updated to at least 149.0.7827.115 to mitigate the LAN-based risk.
Google Chrome CVE-2026-12014 was published by NVD on June 11, 2026, describing a high-severity use-after-free flaw in Chrome’s Cast component before version 149.0.7827.115 that could let a local-network attacker potentially escape the browser sandbox with malicious network traffic. The awkward...