CVE-2026-14424
CriticalCVSS 9.6Exploitation Probability (EPSS)
Low risk12th percentile — higher than 12% of all known CVEs
Summary
A use-after-free vulnerability exists in the Dawn component of Google Chrome on Mac prior to version 150.0.7871.46. A remote attacker could exploit a crafted HTML page to potentially achieve a sandbox escape.
Risk Assessment
The risk for the organization is the potential for an attacker to gain control of the browser process and bypass sandbox restrictions, leading to arbitrary code execution in the user's context.
Recommendation
Immediately update Google Chrome to version 150.0.7871.46 or later on all Mac systems within the organization.
Original NVD description (English source)
Use after free in Dawn in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

