Uninitialized Use Vulnerability in Dawn of Google Chrome on ChromeOS
CVE-2026-14421

6.5MEDIUM

Key Information:

Vendor

Google

Status
Vendor
CVE Published:
1 July 2026

What is CVE-2026-14421?

A vulnerability in the Dawn component of Google Chrome on ChromeOS allows remote attackers to exploit uninitialized use conditions. By crafting a malicious HTML page, attackers can gain access to sensitive information stored in process memory. This issue affects certain versions prior to 150.0.7871.46, potentially putting user data at risk when browsing compromised or malicious web pages.

Affected Version(s)

Chrome 150.0.7871.46

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.