CVE Catalog
CVE-2026-14052
MediumCVSS 4.3Exploitation Probability (EPSS)
Low risk0.22%
13th percentile — higher than 13% of all known CVEs
Summary
Insufficient policy enforcement in FileSystem in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass discretionary access control via a crafted HTML page.
Risk Assessment
An attacker could gain unauthorized access to files or file system resources, potentially leading to data leakage or system integrity compromise.
Recommendation
Immediately update Google Chrome to version 150.0.7871.47 or later to remediate this vulnerability.
Original NVD description (English source)
Insufficient policy enforcement in FileSystem in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low)

