Impact
The vulnerability is a race condition within the WebRTC component of Google Chrome A crafted HTML page can trigger the race, causing the browser to leak cross‑origin data. The effect is a breach of confidentiality, classified as a medium severity issue by Chromium.
Affected Systems
Affected users are those running Google Chrome on Windows with a version earlier than 150.0.7871.47. This includes the stable channel before the update released on 17 June 2026. Only Windows installations are impacted because the flaw occurs in the Windows build of the browser.
Risk and Exploitability
The EPSS score is not available and the vulnerability has not been listed in CISA KEV, but the Chrome documentation tags it as medium severity. An attacker can exploit the flaw by hosting a malicious web page that a victim visits, triggering the race and capturing data from other origins. The risk to confidentiality is significant, especially for users accessing sensitive information.
OpenCVE Enrichment