Cross-Site Scripting Flaw in Google Chrome
CVE-2026-14145

Currently unrated

Key Information:

Vendor

Google

Status
Vendor
CVE Published:
30 June 2026

What is CVE-2026-14145?

A vulnerability in the CSS implementation of Google Chrome allows remote attackers to inject arbitrary scripts or HTML via a specially crafted HTML page. This flaw can potentially lead to cross-site scripting (XSS) attacks, enabling attackers to manipulate web content and execute unauthorized actions within the context of the user's session.

Affected Version(s)

Chrome 150.0.7871.47

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.