CVE-2026-14389 is a vulnerability in Google Chrome
Published on July 1, 2026
Integer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
Weakness Type
What is an Assumed-Immutable Parameter Tampering Vulnerability?
The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable, such as hidden form fields.
CVE-2026-14389 has been classified to as an Assumed-Immutable Parameter Tampering vulnerability or weakness.
Products Associated with CVE-2026-14389
Want to know whenever a new CVE is published for Google Chrome? stack.watch will email you.
Affected Versions
Google Chrome:- Version 150.0.7871.46 and below 150.0.7871.46 is affected.