CVE-2026-14416: Update Chrome to 150.0.7871.46 for Dawn Sandbox Escape

CVE-2026-14416 is an out-of-bounds read in Chrome’s Dawn graphics component that affects versions before 150.0.7871.46 and could let a remote attacker use a crafted HTML page to cross the browser sandbox under favorable exploit conditions, even though Chromium labels the flaw Low severity. The apparent contradiction becomes sharper in the federal vulnerability data: CISA-ADP assigned a CVSS 3.1 base score of 9.6 CRITICAL, while NIST had not supplied an independent CVSS assessment when the NVD record was last modified on July 3, 2026. The result is a case study in why a severity label, a numerical score, and evidence of real-world exploitation answer three different security questions.
For Windows users, the immediate advice is uncomplicated: Chrome should be at version 150.0.7871.46 or later. For administrators, however, this vulnerability deserves more careful handling—not because it is known to be under attack, but because the record describes a browser-delivered memory-safety flaw with sandbox-escape potential and a worst-case impact extending beyond the vulnerable component.

Cybersecurity infographic depicting a critical WebGPU out-of-bounds read vulnerability and sandbox boundary breach.A Low-Severity Label Meets a Critical-Impact Score​

Google’s description is concise. CVE-2026-14416 is an out-of-bounds read in Dawn, and Chrome versions prior to 150.0.7871.46 can potentially be pushed toward a sandbox escape when a user encounters a crafted HTML page. Chrome, acting as the CVE source, classified the security severity as Low.
CISA-ADP’s CVSS 3.1 vector tells a much more alarming story: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H. Converted from scoring shorthand, that describes a network-reachable weakness with low attack complexity, no privileges required, required user interaction, changed security scope, and potentially high confidentiality, integrity, and availability impact.
Those statements can coexist because they measure different things. Chrome’s internal severity is a vendor judgment about the vulnerability in its product and exploit context; CVSS models the potential technical outcome if the conditions represented by the vector are satisfied. A flaw can be difficult to weaponize reliably, limited in primitive strength, or dependent on an exploit chain while still producing a severe calculated impact once the model assumes successful exploitation.
The most important word in Google’s description is therefore potentially. The record does not state that opening any malicious page produces an automatic, reliable escape from Chrome’s sandbox. It says a crafted page could exercise an out-of-bounds read in a component positioned close enough to a security boundary that a sandbox escape is a possible result.
Assessment sourceRecorded assessmentExploitation statePractical reading
ChromeLow severityNo exploitation claim in the CVE descriptionVendor considers the individual bug lower priority than its theoretical outcome suggests
CISA-ADP CVSS 3.19.6 CRITICALNot measured by the base scoreSuccessful exploitation is modeled as capable of crossing scope and causing high system impact
CISA-ADP SSVCExploitation: none; automatable: no; technical impact: totalNo exploitation evidence recordedSerious potential impact, but no recorded active exploitation or broadly automatable attack
NIST NVDNo NVD CVSS 3.x, 4.0, or 2.0 assessment yetNot independently determinedThe displayed 9.6 score is contributed by CISA-ADP, not an NVD-authored score
That distinction matters operationally. A security console that imports only the maximum score may present CVE-2026-14416 as an emergency equivalent to a broadly exploited, unauthenticated server vulnerability. A console that imports only Chrome’s Low label may bury a browser sandbox issue beneath routine application updates.
Both approaches throw away context. The rational response is to patch promptly, confirm deployment, and watch for new exploitation information—without claiming that CVE-2026-14416 is already a proven mass-exploitation event.

Dawn Puts Web Content Close to a Complex Graphics Boundary​

Dawn is not a decorative Chrome subsystem. It is Google’s open-source, cross-platform implementation of WebGPU and the underlying WebGPU implementation used by Chromium, with support spanning native graphics interfaces and a client-server design intended for applications operating inside sandboxes.
That architecture helps explain why a flaw in Dawn attracts attention even when its vendor severity is Low. Modern browsers do not treat graphics as a simple final step in displaying a page; they translate, validate, schedule, and transmit complex work across process and API boundaries before graphics commands reach platform drivers and hardware.
A crafted page can consequently supply deeply structured input without installing a traditional executable. The browser must parse and process that content while enforcing boundaries between web content, renderer processes, graphics services, the browser itself, and the operating system.
An out-of-bounds read means software may access memory beyond the range it was intended to read. The NVD record maps CVE-2026-14416 to CWE-125, the standard weakness category for this class of failure. The record does not publicly expose the exact faulty operation, memory layout, or reliable exploitation method, and the linked Chromium issue requires permission.
That restricted issue is not evidence of a cover-up or an unusually dangerous exploit by itself. Google commonly limits access to security bug details while updates are still propagating or when disclosure could expose related software that has not been fixed. The Stable Channel advisory explicitly notes that bug details may remain restricted until a majority of users have received the update.
The restriction does impose a limit on outside analysis. Without the underlying report and patch discussion, it is not responsible to claim that the out-of-bounds read provides a deterministic address leak, discloses arbitrary process memory, or independently produces code execution. Those are possible consequences associated with some memory-read vulnerabilities, not facts established by the public record for this one.
What is established is narrower but still consequential. The flaw resides in Dawn, can be reached through a crafted HTML page according to Chrome, and may enable a sandbox escape. The fixed boundary is version 150.0.7871.46: versions before it are affected, while administrators should treat that version as the minimum acceptable Chrome release for this CVE.

“Sandbox Escape” Describes a Boundary Failure, Not an Entire Attack Story​

Chrome’s sandbox is designed to limit what compromised or maliciously influenced browser components can do to the host system. A browser exploit that remains confined to a restricted process is dangerous, but containment can prevent it from immediately becoming unrestricted access to files, credentials, system resources, or other applications.
A sandbox escape attacks that containment layer. In practical exploit chains, an attacker may first gain influence or code execution in one constrained browser context and then use another vulnerability to cross into a more privileged context. CVE-2026-14416 is described in terms of potential escape, but the public text does not state whether it supplies every step needed for a complete compromise.
This is where the 9.6 vector earns its force. The S:C component means the modeled impact crosses a security scope rather than remaining entirely within the vulnerable component’s authority. Under the CVSS 3.1 specification, changed scope is used when successful exploitation affects resources governed by a different security authority.
The C:H/I:H/A:H portion then assumes high potential impact to confidentiality, integrity, and availability. In plain English, the score models a successful exploit as capable of exposing protected information, altering data or behavior, and disrupting affected resources.
But a base score is not a probability forecast. It does not say that 96 percent of attacks will succeed, that exploitation is 9.6 times more likely than for a lower-scored bug, or that attackers are already using the vulnerability. CVSS describes technical severity under its selected assumptions; it does not measure prevalence, attacker interest, patch adoption, exploit maturity, or the value of any particular target.
The vector also contains UI:R, meaning successful exploitation requires user interaction. For a browser bug, that may be as ordinary as reaching attacker-controlled content, but the public record does not define the precise interaction sequence. It is safer to say that the attack depends on a user or user-initiated browser action than to label it “zero-click.”
Likewise, AC:L records low attack complexity in the contributed vector, but that does not establish that a dependable exploit is easy to develop. CVSS attack complexity concerns conditions outside the attacker’s control; it is not a direct measure of the expertise, research time, memory manipulation, or platform-specific engineering required to build the exploit.

The Score Dispute Is Really a Context Dispute​

Severity disagreements often look like bad data when they are actually disagreements about the unit being scored. A product security team may assess how useful one bug is in isolation, whether the vulnerable path is reliably reachable, what mitigations stand in the way, and whether the primitive meaningfully advances an exploit chain.
A CVSS contributor instead selects standardized values describing access conditions and potential impact. Once network access, low complexity, no privileges, user interaction, changed scope, and high impact across all three categories are selected, the formula produces a Critical result. The arithmetic is doing what it was designed to do.
That makes neither label disposable. Chrome’s Low rating cautions against presenting CVE-2026-14416 as a confirmed one-page route to full machine compromise. CISA-ADP’s 9.6 score cautions against treating a potential graphics-path sandbox escape as an inconsequential information leak.
NVD’s presentation is particularly important here. At the time captured in the supplied record, NIST had not issued an independent CVSS 3.x score and had not supplied CVSS 4.0 or CVSS 2.0 assessments. The 9.6 score displayed on the page came from the CISA-ADP contribution.
Security products do not always preserve that provenance clearly. An administrator may see “NVD: 9.6” in a dashboard even when the NVD page is displaying an assessment contributed by another organization. That simplification can distort escalation decisions, especially when a vendor uses a very different rating.
The correct conclusion is not to average Low and Critical into Medium. Severity systems are not votes describing one shared quantity. The useful answer is a sentence: this is a Chrome memory-safety flaw with potential sandbox-escape impact, no exploitation recorded in the supplied SSVC data, and a fix available in Chrome 150.0.7871.46.

The SSVC Record Adds Restraint Without Removing Urgency​

CISA-ADP’s Stakeholder-Specific Vulnerability Categorization record supplies three decisions: exploitation is listed as none, the vulnerability is marked not automatable, and technical impact is rated total. The role attached to the record is CISA Coordinator, using SSVC version 2.0.3.
Those values describe a more nuanced posture than the 9.6 score alone. The “none” exploitation state means the record did not contain evidence of active exploitation or a public proof of concept under the applicable SSVC definition.
That is reassuring only within limits. Absence of recorded exploitation is not proof that no attacker has examined the bug, privately reproduced it, or incorporated related techniques into research. It means defenders should not claim known exploitation on the basis of this record.
The “automatable: no” value also requires care. It is an SSVC decision used in vulnerability prioritization, not a guarantee that no part of an attack can be scripted. A crafted page is software by definition; the relevant issue is whether exploitation can be reliably automated against targets with minimal steps and dependable results.
“Technical impact: total” points in the opposite direction. If exploitation succeeds as modeled, the result can cross an important security boundary and produce extensive consequences. That aligns with the changed-scope, high-impact CVSS vector even while the exploitation and automation fields reduce evidence of immediate mass risk.
This combination is precisely why patch prioritization should not be reduced to one color. CVE-2026-14416 is not recorded as an exploited emergency, but neither is it a flaw enterprises should leave open merely because the vendor label says Low. Browsers process untrusted internet content continuously, and a fixed version is already available.

Timeline​

June 24, 2026 — Google released Chrome 150.0.7871.46 to a small percentage of Windows and Mac users through its Early Stable channel.
June 30, 2026 — Google promoted Chrome 150 to the Stable channel, identifying 150.0.7871.46 as the Linux release and as one of the stable desktop builds containing the update. The advisory said the release included hundreds of security fixes and would roll out over the following days or weeks.
July 1, 2026, 7:16:50 PM — Chrome submitted the new CVE record with the Dawn out-of-bounds-read description, CWE-125 classification, affected-version boundary, release advisory, and restricted Chromium issue reference.
July 1, 2026, 8:16:42 PM — CISA-ADP added the CVSS 3.1 vector and the initial SSVC record.
July 2, 2026, 12:09:32 PM — NIST performed its initial analysis, adding the Chrome CPE configuration, the boundary excluding 150.0.7871.46, and reference types for the release notes, vendor advisory, and Chromium issue.
July 3, 2026, 12:17:48 AM — CISA-ADP modified the SSVC timestamp from 2026-07-02T00:01:26.535350Z to 2026-07-02T00:00:00+00:00 without changing the exploitation, automation, technical-impact, role, or SSVC-version decisions.
The timestamp correction should not be misread as a reassessment of the vulnerability. The substantive SSVC values remained the same; only the recorded timestamp changed.

Chrome’s Rollout Model Leaves a Verification Gap​

Chrome normally updates itself, which can make browser patching appear nearly automatic. In managed environments, however, “the vendor has released a fix” and “every endpoint is running the fix” are separate events.
Google’s stable-release announcement said the update would roll out over days or weeks. That staged model protects the browser population from a defective release spreading instantly, but it also creates a period in which supported systems can remain on an older build while the fixed build already exists.
Restarts are another source of lag. A system may download browser components without completing the transition to the new running version until Chrome is relaunched. Long-lived sessions, kiosk workloads, shared workstations, virtual desktops, remote application hosts, and machines that sleep instead of rebooting can all widen the gap between update availability and effective remediation.
Inventory systems may introduce further ambiguity. Some report the installed package version, others the active process version, and still others depend on delayed software scans. Administrators assessing CVE-2026-14416 need to know which measurement their tool is showing.
The clean decision boundary remains simple: Chrome versions prior to 150.0.7871.46 are affected. An endpoint at that version or later is beyond the vulnerable range defined in the NVD configuration, while an earlier version should be treated as requiring remediation.
This does not mean every Chromium-derived application is automatically covered by the same product record. The NVD CPE configuration specifically identifies Google Chrome, and the supplied CVE data names Chrome as the affected product. Other software may consume Chromium or Dawn code on a different schedule, but its status must be established through that vendor’s own advisory rather than inferred from Chrome’s version number.
For Windows organizations, that distinction is particularly important because Chrome may not be the only Chromium-based runtime in the estate. A Chrome update proves that Chrome has crossed the listed boundary; it does not certify every embedded browser, desktop application, development tool, or web-rendering component on the machine.

Enterprise Risk Starts With Browser Exposure, Not Just Asset Value​

Traditional vulnerability programs tend to prioritize public servers because they are continuously reachable. Browser vulnerabilities invert part of that model: the endpoint initiates the connection, but the browser continuously accepts and processes complex content from websites, advertisements, documents, messaging links, collaboration tools, and embedded sign-in flows.
That makes user browsing behavior an exposure channel, not a dependable mitigation. Blocking obviously malicious domains helps, but a crafted page can be delivered through a compromised legitimate site, injected content, redirection, or a link sent through an otherwise trusted communication system.
At the same time, the required-user-interaction metric prevents the issue from being equated with an unauthenticated service listening for arbitrary inbound packets. The attack must reach the browser through user or user-initiated activity, and the public record does not show active exploitation.
Risk therefore depends on both exposure and consequence. General employee workstations have broad web exposure; administrator workstations, developer systems, finance endpoints, and machines holding sensitive sessions may add unusually valuable consequences. Shared browsing hosts and virtual desktop infrastructure may combine high user volume with concentrated operational impact.
Organizations should avoid creating policy around the Low-versus-Critical argument alone. Whether the internal remediation target is measured in hours or days should also consider browser update enforcement, restart behavior, endpoint privilege, web filtering, telemetry coverage, asset sensitivity, and the organization’s tolerance for a potential sandbox-boundary failure.
There is no evidence in the supplied record requiring emergency isolation of fully updated systems. There is equally little justification for granting a routine, weeks-long exception to endpoints that remain below 150.0.7871.46 when a corrected stable release is available.

Action checklist for admins​

  • Confirm that managed Chrome installations report version 150.0.7871.46 or later.
  • Force or accelerate the browser update where normal staged rollout has not delivered the fixed release.
  • Require a Chrome relaunch when needed so the updated executable replaces older running processes.
  • Distinguish installed-version inventory from the version currently running on endpoints.
  • Identify machines with disabled updates, pinned versions, extended uptime, kiosk sessions, or broken management check-ins.
  • Treat unsupported or unmanaged Chrome installations below the fixed boundary as remediation failures.
  • Monitor vendor and government advisories for any change to exploitation status or publication of additional technical detail.
  • Evaluate other Chromium-based products separately instead of assuming the Chrome version boundary applies to them.

The Restricted Bug Leaves Important Questions Open​

The Chromium issue linked from the NVD record requires permission, so the public evidence does not reveal the exact code path, trigger, affected backend, reliability, mitigation bypass, or relationship to other Dawn defects. That limits how confidently defenders can model the attack beyond the CVE description and contributed metrics.
It also prevents meaningful independent reconciliation of the Low vendor rating and Critical CVSS score. Outside analysts can inspect the scoring vector, but they cannot verify from the restricted report whether the vulnerability supplies a strong memory-disclosure primitive, requires highly specific state, depends on another compromised process, or encounters platform-specific barriers.
The number of fixes in the Chrome 150 stable release makes attribution harder still. Google said the desktop release contained 433 security fixes, but the public release announcement does not provide an unrestricted technical narrative for CVE-2026-14416.
That opacity is normal during browser update deployment, yet it has a cost. Enterprise defenders must decide priority using a short description, one vendor severity, a contributed CVSS vector, an SSVC record, and a version boundary. Security scanners then compress those already compressed judgments into a badge.
The most defensible interpretation is deliberately bounded. CVE-2026-14416 is not publicly documented as a zero-day, there is no exploitation recorded in its SSVC data, and no public issue details establish a complete attack chain. It is nevertheless a remotely reachable browser vulnerability whose stated possible outcome is a sandbox escape, making prompt version verification appropriate.

Memory-Safety Bugs Remain a Browser Patch-Management Problem​

CVE-2026-14416 belongs to a class of defects that browsers have spent years trying to contain through process isolation, sandboxing, validation, and exploit mitigations. Those defenses matter, but their existence does not make memory-safety errors harmless. It changes the attacker’s job from finding one bug to assembling enough capability to cross multiple boundaries.
Dawn is especially relevant because it translates web-facing graphics workloads into operations spanning software abstractions, inter-process communication, native graphics APIs, and hardware-facing execution. Google’s own Chromium security reporting describes continued research into graphics acceleration, including the Dawn Wire protocol and related inter-process communication paths.
That does not prove a broader architectural failure behind CVE-2026-14416. It does show why graphics components remain attractive territory for defenders and researchers: they are large, performance-sensitive translation layers required to accept complicated, attacker-influenced input while interacting with lower-level systems.
For endpoint teams, the strategic lesson is not to disable modern browser graphics features reflexively. Unsupported configuration changes can break applications, create operational drift, and substitute an improvised control for a vendor patch. The durable control is an update process that can measure active browser versions, compel relaunches, identify exceptions, and validate completion.
Browser patching also needs a shorter feedback loop than conventional monthly desktop maintenance. Chrome releases do not wait for an organization’s operating-system patch window, and a browser may cross multiple security-relevant builds between monthly change cycles. Treating it as just another desktop application can leave internet-facing parsing code behind the vendor’s supported security baseline.

The Practical Reading of CVE-2026-14416​

The strongest response to conflicting severity data is not to choose the most comforting label or the most dramatic number. It is to preserve the distinctions the databases are attempting to express.
  • Chrome versions before 150.0.7871.46 are within the affected range.
  • The weakness is a CWE-125 out-of-bounds read in Dawn.
  • A crafted HTML page may potentially lead to a sandbox escape.
  • Chrome rates the flaw Low, while CISA-ADP’s CVSS 3.1 vector produces 9.6 CRITICAL.
  • NIST had not supplied its own CVSS assessment when the record was last modified on July 3, 2026.
  • CISA-ADP recorded no exploitation, no automation, and total technical impact in its SSVC data.
The practical posture is therefore patch promptly, verify aggressively, and describe cautiously. Organizations should not wait for evidence of exploitation before moving Chrome beyond the affected range, but neither should they tell users that ordinary browsing has been shown to produce immediate system compromise.
CVE-2026-14416 is less a story about one mysterious Dawn memory read than about the limits of vulnerability shorthand. A Low vendor label can conceal a serious boundary-crossing outcome; a 9.6 score can conceal the absence of known exploitation and the uncertainty of weaponization. The organizations best prepared for the next browser flaw will be those that stop asking which single label is “correct” and build update systems capable of acting on the whole record.

References​

  1. Primary source: NVD / Chromium
    Published: 2026-07-11T15:38:04-07:00
  2. Security advisory: MSRC
    Published: 2026-07-11T15:38:04-07:00
    Original feed URL
  3. Related coverage: cvefeed.io
  4. Related coverage: security-tracker.debian.org
  5. Related coverage: dawn.googlesource.com
  6. Related coverage: issues.chromium.org
  1. Related coverage: chromium.org
 

Back
Top