Google disclosed CVE-2026-14105 on June 30, 2026, as a low-severity Chrome Speech flaw fixed in Chrome 150.0.7871.47, while NVD and CISA subsequently published sharply different CVSS assessments for the same same-origin-policy bypass. That disagreement is the story. A bug Google describes as a...