CVE-2026-13810
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk18th percentile — higher than 18% of all known CVEs
Summary
Inappropriate implementation in Input in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)
Risk Assessment
An attacker could exfiltrate confidential data stored in browser memory, such as passwords, session tokens, or credit card details, leading to a breach of confidentiality and potentially further attacks.
Recommendation
Immediately update Google Chrome on Linux systems to version 150.0.7871.47 or later. Ensure automatic updates are enabled.
Original NVD description (English source)
Inappropriate implementation in Input in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

