CVE-2026-13928
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk23th percentile — higher than 23% of all known CVEs
Summary
Insufficient validation of untrusted input in the Enterprise component in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page.
Risk Assessment
The organization faces the risk of privilege escalation by a remote attacker, potentially leading to unauthorized access to sensitive data or systems.
Recommendation
Immediately update Google Chrome to version 150.0.7871.47 or later to remediate the vulnerability.
Original NVD description (English source)
Insufficient validation of untrusted input in Enterprise in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

