{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/chrome--150.0.7871.47/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"],"_cs_cves":[{"cvss":8.1,"id":"CVE-2026-13779"},{"cvss":6.5,"id":"CVE-2026-13810"},{"cvss":4.3,"id":"CVE-2026-13837"},{"cvss":9.1,"id":"CVE-2026-13852"},{"cvss":9.6,"id":"CVE-2026-13859"}],"_cs_exploited":false,"_cs_has_poc":true,"_cs_poc_references":["https://sploitus.com/exploit?id=3297FA74-345B-5662-AE60-ACE4BD802600\u0026utm_source=rss\u0026utm_medium=rss"],"_cs_products":["Chrome (\u003c 150.0.7871.46)","Chrome (\u003c 150.0.7871.47)","Google Chrome","V8 (\u003c= 14.9.207.29)"],"_cs_severities":["high"],"_cs_tags":["vulnerability","patch-management","browser","google-chrome","cve"],"_cs_type":"advisory","_cs_vendors":["Google"],"content_html":"\u003cp\u003eOn July 2, 2026, CERT-FR published an advisory detailing multiple security vulnerabilities affecting Google Chrome. These vulnerabilities, encompassing CVE-2026-13774 through CVE-2026-13895, exist in Chrome versions prior to 150.0.7871.46 for Windows and Linux, and prior to 150.0.7871.47 for macOS. The advisory indicates that these flaws could allow an attacker to cause an unspecified security problem. While the specific nature of each vulnerability (e.g., use-after-free, type confusion) is not detailed by CERT-FR, such browser vulnerabilities often lead to arbitrary code execution, denial of service, or information disclosure. Organizations are advised to update affected Chrome instances promptly to mitigate potential risks.\u003c/p\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of these vulnerabilities could lead to a compromise of the user's browser, potentially resulting in client-side arbitrary code execution, sensitive information disclosure, or denial of service, depending on the specific nature of the triggered flaw. Although the precise impact is not specified by the vendor, vulnerabilities in web browsers are frequently leveraged as initial access vectors in broader attack campaigns, affecting individual users and potentially providing a foothold into corporate networks. All users and organizations running vulnerable Chrome versions are at risk until patched.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePrioritize patching all Google Chrome installations to version 150.0.7871.46 or later for Windows and Linux, and 150.0.7871.47 or later for macOS, as outlined in the Google Chrome release blog referenced in this brief.\u003c/li\u003e\n\u003cli\u003eEnsure that all instances of Google Chrome on Windows, Linux, and macOS are updated to address the vulnerabilities identified by CVE-2026-13774 through CVE-2026-13895 immediately.\u003c/li\u003e\n\u003cli\u003eRegularly review the official Google Chrome Release Blog and CERT-FR advisories for new security updates and apply them promptly to maintain a secure browsing environment.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-17T12:02:11Z","date_published":"2026-07-02T13:56:05Z","id":"https://feed.craftedsignal.io/briefs/2026-07-chrome-multi-vuln/","summary":"Multiple vulnerabilities, including CVE-2026-13774 through CVE-2026-13895, have been discovered in Google Chrome, allowing an attacker to cause an unspecified security problem on affected Windows, Linux, and macOS systems by exploiting these flaws.","title":"Multiple Vulnerabilities in Google Chrome (CVE-2026-13774 through CVE-2026-13895)","url":"https://feed.craftedsignal.io/briefs/2026-07-chrome-multi-vuln/"}],"language":"en","title":"CraftedSignal Threat Feed - Chrome (\u003c 150.0.7871.47)","version":"https://jsonfeed.org/version/1.1"}