CVE-2026-13940

Uninitialized Use in Cast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via malicious network traffic. (Chromium security severity: Medium)
Configurations

Configuration 1 (hide)

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

History

02 Jul 2026, 14:27

Type Values Removed Values Added
First Time Google chrome
Google
References () https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html - () https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html - Release Notes, Vendor Advisory
References () https://issues.chromium.org/issues/513158425 - () https://issues.chromium.org/issues/513158425 - Permissions Required
CPE cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

01 Jul 2026, 02:16

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5

30 Jun 2026, 23:17

Type Values Removed Values Added
New CVE

Information

Published : 2026-06-30 23:17

Updated : 2026-07-02 14:27


NVD link : CVE-2026-13940

Mitre link : CVE-2026-13940

CVE.ORG link : CVE-2026-13940


JSON object : View

Products Affected

google

  • chrome
CWE
CWE-457

Use of Uninitialized Variable