Google assigned CVE-2026-13954 to a medium-severity Chrome for Android flaw fixed before version 150.0.7871.47, where insufficient XML policy enforcement could let a remote attacker read potentially sensitive process memory through a crafted HTML page. The entry landed in the National...