Google Chrome for Android before version 150.0.7871.47 contains CVE-2026-14008, a medium-severity WebXR uninitialized-use flaw disclosed on June 30, 2026, that can let a remote attacker read potentially sensitive process memory when a user opens a crafted HTML page. Google’s Chrome Releases blog...