Remote Code Execution Vulnerability in Google Chrome
CVE-2026-14407

8.8HIGH

Key Information:

Vendor

Google

Status
Vendor
CVE Published:
1 July 2026

What is CVE-2026-14407?

A vulnerability in the V8 engine of Google Chrome enables attackers to execute arbitrary code within a secure sandboxed environment, triggered through specially crafted HTML pages. This flaw poses a risk to users as it can be exploited remotely, leading to unauthorized access and control over the user's system. Mitigation steps are necessary to prevent exploitation of this vulnerability.

Affected Version(s)

Chrome 150.0.7871.46

References

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.