extension governance

  1. CVE-2026-14111: Chrome 150 WebProtect Use-After-Free & Extension Risk

    Google disclosed CVE-2026-14111 on June 30, 2026, as a low-severity use-after-free flaw in Chrome’s WebProtect component before version 150.0.7871.47, exploitable only after an attacker persuaded a user to install a malicious Chrome extension. The bug is not the scariest item in Chrome 150’s...