CVE Vulnerabilities

CVE-2026-13940

Use of Uninitialized Variable

Published: Jun 30, 2026 | Modified: Jul 02, 2026
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM
root.io logo minimus.io logo echo.ai logo

Uninitialized Use in Cast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via malicious network traffic. (Chromium security severity: Medium)

Weakness

The code uses a variable that has not been initialized, leading to unpredictable or unintended results.

Affected Software

NameVendorStart VersionEnd Version
ChromeGoogle*150.0.7871.47 (excluding)
Chromium-browserUbuntuupstream*

Potential Mitigations

References