CVE-2026-11103
Received
Received - Intake
Privilege Escalation in Google Chrome Installer on Windows
Publication date: 2026-06-04
Last updated on: 2026-06-04
Assigner: Chrome
Description
Description
Inappropriate implementation in Installer in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Medium)
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| chrome | to 149.0.7827.53 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an inappropriate implementation in the Installer component of Google Chrome on Windows versions prior to 149.0.7827.53. It allows a local attacker to escalate their privileges on the operating system by using a malicious file.
How can this vulnerability impact me? :
The vulnerability can allow a local attacker to gain higher privileges on the affected Windows system. This means the attacker could perform actions that normally require elevated permissions, potentially compromising system security and control.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70