CVE-2026-13879
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk5th percentile — higher than 5% of all known CVEs
Summary
A Use-After-Free vulnerability in the Bluetooth component of Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious peripheral.
Risk Assessment
An attacker on the same local network could steal confidential data from browser memory, posing a risk to the organization's information confidentiality.
Recommendation
Immediately update Google Chrome to version 150.0.7871.47 or later, and consider restricting trusted Bluetooth devices on the local network.
Original NVD description (English source)
Use after free in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious peripheral. (Chromium security severity: Medium)

