Vulnerability in Google Chrome
CVE-2026-14073
Insufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
Affected products
- Google Chrome — versions 150.0.7871.47