CVE Catalog

CVE-2026-13975

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

16th percentile — higher than 16% of all known CVEs

Summary

An out-of-bounds read vulnerability in the ANGLE component of Google Chrome on Mac allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page.

Risk Assessment

The risk involves potential leakage of sensitive data from browser memory, such as passwords, session tokens, or cryptographic keys, which could lead to further attack escalation or identity theft.

Recommendation

Immediately update Google Chrome to version 150.0.7871.47 or later on all Mac computers in the organization. Restart the browser after the update.

Original NVD description (English source)

Out of bounds read in ANGLE in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS