Local Privilege Escalation Vulnerability in Google Chrome for Windows
CVE-2026-7994

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-7994?

A vulnerability exists in the Chromoting feature of Google Chrome on Windows, allowing local attackers to achieve OS-level privilege escalation. This exploit can be executed through a specially crafted malicious file, putting systems at risk if users inadvertently open such files. It is crucial to update to version 148.0.7778.96 or later to mitigate the associated risks.

Affected Version(s)

Chrome 148.0.7778.96

References

https://chromereleases.googleblog.com/2026/05/stable-chan...

https://issues.chromium.org/issues/499116954

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 5, 2026

CVE-2026-7994 Data

JSON