CVE-2026-14119
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk2th percentile — higher than 2% of all known CVEs
Summary
A type confusion vulnerability in Bluetooth within Google Chrome on Windows (prior to version 150.0.7871.47) allows an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious peripheral. The issue is rated as Low severity by the Chromium team.
Risk Assessment
An attacker on the same local network can exploit this vulnerability to read portions of browser memory, potentially leaking sensitive data such as passwords or session tokens, but requires physical presence of a malicious Bluetooth device.
Recommendation
Immediately update Google Chrome on Windows systems to version 150.0.7871.47 or later. Restrict local network access for untrusted Bluetooth devices.
Original NVD description (English source)
Type Confusion in Bluetooth in Google Chrome on Windows prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious peripheral. (Chromium security severity: Low)

