Insufficient Input Validation in Google Chrome Skia Component
CVE-2026-14414

5.3MEDIUM

Key Information:

Vendor

Google

Status
Vendor
CVE Published:
1 July 2026

What is CVE-2026-14414?

A vulnerability in the Skia component of Google Chrome allows remote attackers to exploit insufficient validation of untrusted input. By compromising the renderer process, attackers can potentially access sensitive information stored in process memory through specially crafted HTML pages. This issue underscores the necessity for robust input validation mechanisms to protect sensitive data within browser environments.

Affected Version(s)

Chrome 150.0.7871.46

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.