CVE Catalog

CVE-2026-13830

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.23%

14th percentile — higher than 14% of all known CVEs

Summary

A Use-After-Free vulnerability in the Chromoting component of Google Chrome on Linux prior to version 150.0.7871.47 allows a remote attacker to execute arbitrary code via malicious network traffic. The issue is rated as High severity by the Chromium security team.

Risk Assessment

An attacker can remotely take control of the victim's system by executing arbitrary code in the browser context, potentially leading to data theft, malware installation, or further privilege escalation.

Recommendation

Immediately update Google Chrome on Linux systems to version 150.0.7871.47 or later. If an update is not possible, consider temporarily disabling or restricting access to the Chromoting feature.

Original NVD description (English source)

Use after free in Chromoting in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: High)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS