Insufficient Input Validation in Google Chrome Media Component
CVE-2026-15771

5.3MEDIUM

Key Information:

Vendor

Google

Status
Vendor
CVE Published:
14 July 2026

What is CVE-2026-15771?

A security vulnerability in the Media component of Google Chrome enables remote attackers to exploit insufficient validation of untrusted input. This flaw affects versions prior to 150.0.7871.125 and allows attackers who have compromised the renderer process to access potentially sensitive information stored in the process memory through a specially crafted HTML page. Users are advised to update their browsers to protect against potential exploitation of this vulnerability.

Affected Version(s)

Chrome 150.0.7871.125

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.