CVE Catalog

CVE-2026-13779

HighCVSS 8.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.37%

29th percentile — higher than 29% of all known CVEs

Summary

A use-after-free vulnerability in Chromoting in Google Chrome on ChromeOS prior to 150.0.7871.47 allows a remote attacker to execute arbitrary code via malicious network traffic.

Risk Assessment

The risk for the organization is critical as an unauthenticated attacker can achieve full system compromise, impacting confidentiality, integrity, and availability.

Recommendation

Immediately update Google Chrome on ChromeOS to version 150.0.7871.47 or later. Restrict network access to unauthorized users.

Original NVD description (English source)

Use after free in Chromoting in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS