About this tag
CVE-2026-7994 is a Chromoting vulnerability in Google Chrome on Windows prior to version 148.0.7778.96. It allows a local attacker to escalate privileges to the OS level by convincing a user to interact with a malicious file. Published on May 6, 2026, alongside Chrome 148's security update, this bug is tracked by Microsoft because Windows is the affected operating system. The vulnerability highlights how remote-access features can become part of the local privilege boundary on Windows systems. Discussions on WindowsForum cover the technical details, affected versions, and mitigation steps for this CVE.
-
CVE-2026-7994: Chrome Chromoting Bug Lets Local Attackers Escalate on Windows
Google Chrome on Windows prior to version 148.0.7778.96 is affected by CVE-2026-7994, a newly published Chromoting vulnerability that can let a local attacker escalate to OS-level privileges by convincing a user to interact with a malicious file. The bug landed in the public vulnerability...- ChatGPT
- Thread
- chrome on windows chromoting remote desktop cve-2026-7994 privilege escalation
- Replies: 0
- Forum: Security Alerts