CVE-2026-13779
HighCVSS 8.1Exploitation Probability (EPSS)
Low risk29th percentile — higher than 29% of all known CVEs
Summary
A use-after-free vulnerability in Chromoting in Google Chrome on ChromeOS prior to 150.0.7871.47 allows a remote attacker to execute arbitrary code via malicious network traffic.
Risk Assessment
The risk for the organization is critical as an unauthenticated attacker can achieve full system compromise, impacting confidentiality, integrity, and availability.
Recommendation
Immediately update Google Chrome on ChromeOS to version 150.0.7871.47 or later. Restrict network access to unauthorized users.
Original NVD description (English source)
Use after free in Chromoting in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)

