CVE Catalog

CVE-2026-14094

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.09%

1th percentile — higher than 1% of all known CVEs

Summary

Use-After-Free vulnerability in Google Chrome Installer on Windows prior to 150.0.7871.47 allows a local attacker to perform OS-level privilege escalation via a malicious file.

Risk Assessment

A local attacker could gain elevated privileges, potentially leading to full compromise of the Windows system.

Recommendation

It is recommended to immediately update Google Chrome to version 150.0.7871.47 or later on all Windows systems.

Original NVD description (English source)

Use after free in Installer in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Low)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS