Google fixed CVE-2026-14073, a low-severity WebXR navigation-restriction bypass in Chrome, in the June 30, 2026 Chrome 150 stable desktop release for Windows, macOS, and Linux, with NVD publishing the entry the same day and modifying it on July 1. The bug is not the kind of headline-grabbing...
Google Chrome for Android before version 150.0.7871.47 contains CVE-2026-14008, a medium-severity WebXR uninitialized-use flaw disclosed on June 30, 2026, that can let a remote attacker read potentially sensitive process memory when a user opens a crafted HTML page. Google’s Chrome Releases blog...