CVE-2026-14414
N/AInsufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
NO EXPLOITATION SIGNALS
No known exploitation, public exploit, or elevated probability at this time. Track for changes.
Exploitation likelihood
—EPSS not yet scored
○ In CISA KEV
○ Public exploit / PoC
Impact if exploited
—CVSS · not scored
- No impact metrics
Weakness (CWE)
- CWE-20: Improper input validation
CVSS vector
Not yet scored.