google chrome CVE-2026-14387 is a vulnerability in Google Chrome
Published on July 1, 2026

Integer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

NVD

Weakness Type

What is an Assumed-Immutable Parameter Tampering Vulnerability?

The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable, such as hidden form fields.

CVE-2026-14387 has been classified to as an Assumed-Immutable Parameter Tampering vulnerability or weakness.


Products Associated with CVE-2026-14387

Want to know whenever a new CVE is published for Google Chrome? stack.watch will email you.

 

Affected Versions

Google Chrome: