CVE Catalog

CVE-2026-13800

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile — higher than 2% of all known CVEs

Summary

Inappropriate implementation in the Updater component of Google Chrome on Windows prior to version 150.0.7871.47 allowed a local attacker to escalate privileges to the OS level via a malicious file. The vulnerability is rated as High severity by the Chromium security team.

Risk Assessment

A local attacker could gain full control over the Windows system, leading to data compromise, malware installation, or further attacks on the organization's infrastructure.

Recommendation

Immediately update Google Chrome to version 150.0.7871.47 or later on all Windows workstations. Restrict local access to systems and monitor for unusual updater behavior.

Original NVD description (English source)

Inappropriate implementation in Updater in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS