HIGHCVE-2026-7990Published Modified CNA Chrome
CVE-2026-7990: Insufficient validation of untrusted input in Updater in Google Chrome on Windows prior to 148
Insufficient validation of untrusted input in Updater in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Medium)
Metrics
- CVSS v3.1
- 7.8
- Severity
- HIGH
- Fixed in
- 148.0.7778.96
- Affected Products
- 1
Fix available
148.0.7778.96
Affected packages
- Google / Chrome< 148.0.7778.96 (from 148.0.7778.96)
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H