CVE-2026-13893
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk17th percentile — higher than 17% of all known CVEs
Summary
Insufficient validation of untrusted input in WebUI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via malicious network traffic.
Risk Assessment
The organization is at risk of cross-origin data leakage, potentially leading to theft of authentication credentials or other sensitive user information.
Recommendation
Immediately update Google Chrome to version 150.0.7871.47 or later and instruct users to update their browsers.
Original NVD description (English source)
Insufficient validation of untrusted input in WebUI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via malicious network traffic. (Chromium security severity: Medium)

