Uninitialized Use in Cast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via malicious network traffic. (Chromium security severity: Medium)
References
| Link | Resource |
|---|---|
| https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html | Release Notes Vendor Advisory |
| https://issues.chromium.org/issues/513158425 | Permissions Required |
Configurations
History
02 Jul 2026, 14:27
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Google chrome
|
|
| References | () https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html - Release Notes, Vendor Advisory | |
| References | () https://issues.chromium.org/issues/513158425 - Permissions Required | |
| CPE | cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* |
01 Jul 2026, 02:16
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
30 Jun 2026, 23:17
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-06-30 23:17
Updated : 2026-07-02 14:27
NVD link : CVE-2026-13940
Mitre link : CVE-2026-13940
CVE.ORG link : CVE-2026-13940
JSON object : View
Products Affected
- chrome
CWE
CWE-457
Use of Uninitialized Variable
