CVE Catalog

CVE-2026-14052

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.22%

13th percentile — higher than 13% of all known CVEs

Summary

Insufficient policy enforcement in FileSystem in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass discretionary access control via a crafted HTML page.

Risk Assessment

An attacker could gain unauthorized access to files or file system resources, potentially leading to data leakage or system integrity compromise.

Recommendation

Immediately update Google Chrome to version 150.0.7871.47 or later to remediate this vulnerability.

Original NVD description (English source)

Insufficient policy enforcement in FileSystem in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS