CVE-2026-10942
Received
Received - Intake
BaseFortify
Publication date: 2026-06-04
Last updated on: 2026-06-05
Assigner: Chrome
Description
Description
Inappropriate implementation in UI in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: High)
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| chrome | to 149.0.7827.53 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an inappropriate implementation in the user interface of Google Chrome on Windows versions prior to 149.0.7827.53. It allows a local attacker to escalate their privileges by using a malicious file.
How can this vulnerability impact me? :
The vulnerability can impact you by allowing a local attacker to gain higher privileges on your Windows system through Google Chrome. This privilege escalation could enable the attacker to perform actions that require elevated permissions, potentially compromising system security.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70