HarborGuardharborguardDatabase
Back to search
CRITICALCVE-2026-14043Published Modified CNA Chrome

CVE-2026-14043: Use after free in GetUserMedia in Google Chrome prior to 150

Use after free in GetUserMedia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Metrics

CVSS v3.1
9.6
Severity
CRITICAL
Fixed in
150.0.7871.47
Affected Products
1

Get notified

Email me when this CVE is updated: new fix versions, severity changes, or any record change.

HarborGuard Analysis

Synopsis

A use-after-free vulnerability in the GetUserMedia component of Google Chrome prior to version 150.0.7871.47 allows a remote attacker who has already compromised the renderer process to escape the browser sandbox via a crafted HTML page. The vulnerability is reachable over the network and requires the victim to visit a malicious page, but no authentication is needed. Successful exploitation gives the attacker full code execution outside the sandbox, with high impact to confidentiality, integrity, and availability. A patched-image rebuild at version 150.0.7871.47 is available on HarborGuard for environments running an affected version of Chrome.

HarborGuard Coverage

Detection

Detection of CVE-2026-14043 is available across every HarborGuard environment; the CVE is ingested from upstream feeds within minutes of publication and matched against customer images in connected registries and CI/CD pipelines, including custom-built images that bundle a Chrome or Chromium runtime.

Available
Triage

HarborGuard is capable of scoring this CVE at CVSS 9.6 (Critical) and weighting findings against each environment's compliance policy to determine urgency; triage results are routed to the appropriate team inbox within each customer organization based on configured ownership rules.

Available
Patch

A patched-image rebuild at Chrome 150.0.7871.47 becomes available through HarborGuard once an affected image is identified; for customers with auto-remediation enabled, HarborGuard performs the rebuild, runs a regression test suite against the new image, and opens a pull request against affected workloads automatically.

Available

Exploit Conditions

  • Network reachabilityRequired

    The attacker delivers the exploit over the network by luring the victim to a crafted HTML page served from a remote host.

  • AuthenticationNot required

    No account or credentials are needed; the attack works against any unauthenticated browser session.

  • Victim interactionRequired

    The victim must visit a crafted HTML page, making social engineering (phishing link, malicious ad, or redirected URL) a necessary part of the attack chain.

  • Attack complexityDetail

    Attack complexity is low, meaning the exploit is reliable and requires no special timing, race conditions, or environmental prerequisites beyond an already-compromised renderer process.

Blast Radius

  • A successful sandbox escape lets the attacker execute arbitrary code at the privilege level of the Chrome process on the host, breaking out of the browser's isolation boundary.
  • The attacker reads sensitive data accessible to the Chrome process, including stored credentials, session cookies, and files the browser user can access on disk.
  • The attacker modifies local files, browser profile data, or system configuration within the reach of the Chrome process user account.
  • The attacker can crash or destabilize the browser or trigger denial-of-service conditions on the host process.

How HarborGuard Handles This

Available on HarborGuard: any image containing a Chrome or Chromium runtime below version 150.0.7871.47 is flagged at Critical severity within minutes of the CVE entering the upstream feed. For customers with auto-remediation enabled, HarborGuard rebuilds the image at the patched version (150.0.7871.47), runs a regression test suite, and opens a pull request against affected workloads; the median time from CVE publication to merged patch PR for Critical-severity issues is around 90 minutes in environments with auto-remediation active. For customers who manage patching manually, the finding appears immediately in the HarborGuard dashboard with remediation guidance pointing to the fix version. Where compliance policy restricts auto-remediation, compensating controls such as network-policy isolation of workloads running Chrome or blocking untrusted external URLs at the egress layer are surfaced as interim recommendations until the patched image is promoted.

See how HarborGuard automates this

Fix available

150.0.7871.47
Affected packages
  • Google / Chrome
    < 150.0.7871.47 (from 150.0.7871.47)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H