Uninitialized Use in Google Chrome Affects User Security
CVE-2026-14399

6.5MEDIUM

Key Information:

Vendor

Google

Status
Vendor
CVE Published:
1 July 2026

What is CVE-2026-14399?

A security oversight was identified in Google Chrome, specifically in the Dawn component, which potentially permits remote attackers to extract sensitive information from process memory. This issue is specifically present in versions of Chrome prior to 150.0.7871.46, exposing users to risks when visiting specially crafted HTML pages. Users are urged to update their browsers to safeguard against potential data leaks.

Affected Version(s)

Chrome 150.0.7871.46

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.