CVE Catalog

CVE-2026-14121

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.29%

21th percentile — higher than 21% of all known CVEs

Summary

A Use-After-Free vulnerability in the Chromoting component of Google Chrome on Linux prior to version 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. The issue is rated as Low severity by the Chromium security team.

Risk Assessment

An attacker can remotely execute arbitrary code on a vulnerable Linux system, potentially leading to browser or system compromise, though the low severity suggests limited exploitation conditions.

Recommendation

Immediately update Google Chrome to version 150.0.7871.47 or later on all Linux systems. Regularly monitor Chromium security updates.

Original NVD description (English source)

Use after free in Chromoting in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Low)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS