CVE Catalog

CVE-2026-13787

HighCVSS 8.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.39%

31th percentile — higher than 31% of all known CVEs

Summary

A use-after-free vulnerability in Chromoting in Google Chrome on Windows prior to 150.0.7871.47 allows a remote attacker to execute arbitrary code via malicious network traffic.

Risk Assessment

The risk for the organization is critical as an attacker can remotely execute arbitrary code without user interaction, potentially leading to data theft or malware installation.

Recommendation

Immediately update Google Chrome to version 150.0.7871.47 or later on all Windows systems.

Original NVD description (English source)

Use after free in Chromoting in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS