CVE-2026-14406
N/AOut of bounds read in V8 in Google Chrome prior to 150.0.7871.46 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. (Chromium security severity: Medium)
NO EXPLOITATION SIGNALS
No known exploitation, public exploit, or elevated probability at this time. Track for changes.
Exploitation likelihood
—EPSS not yet scored
○ In CISA KEV
○ Public exploit / PoC
Impact if exploited
—CVSS · not scored
- No impact metrics
Weakness (CWE)
- CWE-125: Out-of-bounds read
CVSS vector
Not yet scored.