CVE-2026-14048
Last modified
CVE-2026-14048 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. Use after free in Chromecast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious peripheral. (Chromium security severity: Low). EPSS estimates a 0.11% chance of exploitation in the next 30 days.
Description
Use after free in Chromecast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious peripheral. (Chromium security severity: Low)
Metrics
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Chrome | < 150.0.7871.46 |
References
- https://issues.chromium.org/issues/499189601Permissions Required
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2026-14048?
How severe is CVE-2026-14048?
How do I fix CVE-2026-14048?
Related CVEs from 2026
- CVE-2026-14042Inappropriate implementation in Isolated Web Apps in Google …4.3
- CVE-2026-14043Use after free in GetUserMedia in Google Chrome prior to 150…9.6
- CVE-2026-14044Use after free in ANGLE in Google Chrome prior to 150.0.7871…9.6
- CVE-2026-14045Insufficient validation of untrusted input in Network in Goo…4.3
- CVE-2026-14046Inappropriate implementation in CustomTabs in Google Chrome …4.3
- CVE-2026-14047Insufficient policy enforcement in Extensions in Google Chro…4.3
- CVE-2026-14049Inappropriate implementation in GPU in Google Chrome prior t…5.3
- CVE-2026-1405The Slider Future plugin for WordPress is vulnerable to arbi…9.8
- CVE-2026-14050Insufficient policy enforcement in Passwords in Google Chrom…6.5
- CVE-2026-14051Uninitialized Use in GamepadAPI in Google Chrome prior to 15…6.5
- CVE-2026-14052Insufficient policy enforcement in FileSystem in Google Chro…4.3
- CVE-2026-14053Insufficient policy enforcement in Extensions in Google Chro…4.3
Are you affected by CVE-2026-14048?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
