cve-2026-7347

CVE-2026-7347 is a high-severity use-after-free vulnerability in Google Chrome's Chromoting component, disclosed on April 28, 2026. The flaw affects Chrome versions before 147.0.7727.138 and could allow a remote attacker to execute arbitrary code via malicious network traffic. Because Chromoting handles remote access, this vulnerability poses a particular risk to Windows administrators who rely on remote-control tools. The discussion on WindowsForum emphasizes that browser-based remote access risks are no longer isolated to the browser tab, making it critical for IT teams to patch promptly across all Chromium-based browsers, including Microsoft Edge, to protect enterprise remote access infrastructure.