CVE Catalog

CVE-2026-14067

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.41%

33th percentile — higher than 33% of all known CVEs

Summary

A Use-After-Free vulnerability in Chrome for iOS prior to version 150.0.7871.47 allows a remote attacker to execute arbitrary code via a crafted HTML page. The issue is rated as low severity by the Chromium team.

Risk Assessment

An attacker could exploit this vulnerability to execute malicious code within the browser context, potentially leading to data theft or session hijacking.

Recommendation

Update Google Chrome on iOS to version 150.0.7871.47 or later immediately.

Original NVD description (English source)

Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS