CVE-2026-13830
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk14th percentile — higher than 14% of all known CVEs
Summary
A Use-After-Free vulnerability in the Chromoting component of Google Chrome on Linux prior to version 150.0.7871.47 allows a remote attacker to execute arbitrary code via malicious network traffic. The issue is rated as High severity by the Chromium security team.
Risk Assessment
An attacker can remotely take control of the victim's system by executing arbitrary code in the browser context, potentially leading to data theft, malware installation, or further privilege escalation.
Recommendation
Immediately update Google Chrome on Linux systems to version 150.0.7871.47 or later. If an update is not possible, consider temporarily disabling or restricting access to the Chromoting feature.
Original NVD description (English source)
Use after free in Chromoting in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: High)

