Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Remote but requires an active Chrome Remote Desktop session (UI:R) and reliable heap grooming of a use-after-free (AC:H); full RCE keeps C/I/A High.
Primary rating from Vendor (google).
CVSS VectorVendor: google
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
5DescriptionCVE.org
Use after free in Chromoting in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Low)
AnalysisAI
Remote code execution in Google Chrome's Chromoting (Chrome Remote Desktop) component on Linux, fixed in 150.0.7871.47, lets a remote attacker corrupt memory via crafted network traffic and potentially run arbitrary code. The flaw is a CWE-416 use-after-free reported by Google's internal Chrome security team; there is no public exploit identified at time of analysis and it is not in CISA KEV. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the Chromoting / Chrome Remote Desktop feature to be in use - the vulnerable code is only reachable when a remote-desktop session is active - and the target must be running an unpatched Linux Chrome build earlier than 150.0.7871.47. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The raw signals conflict sharply and should not be taken at face value. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who can reach or interpose on a victim's active Chrome Remote Desktop session sends specially crafted network traffic that triggers the use-after-free in Chromoting, corrupting heap memory. With reliable heap grooming this could be steered from a browser crash toward arbitrary code execution in the affected process. … |
| Remediation | Vendor-released patch: Chrome 150.0.7871.47 (Stable channel for desktop) - upgrade Linux Chrome to 150.0.7871.47 or later and restart the browser to load the update, per the Chrome release advisory at https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all Linux systems running Chrome Remote Desktop and determine which are Internet-accessible or used for critical administration. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-416 – Use After Free
View allSame technique Memory Corruption
View allVendor StatusVendor
SUSE
Severity: Critical| Product | Status |
|---|---|
| SUSE Package Hub 15 SP7 | Fixed |
| openSUSE Tumbleweed | Fixed |
| SUSE Package Hub 15 SP7 | Affected |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-40808
GHSA-h55x-prmc-8cvx