{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-7347", "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "state": "PUBLISHED", "assignerShortName": "Chrome", "dateReserved": "2026-04-28T20:02:40.513Z", "datePublished": "2026-04-28T22:36:05.500Z", "dateUpdated": "2026-04-28T22:36:05.500Z"}, "containers": {"cna": {"affected": [{"vendor": "Google", "product": "Chrome", "versions": [{"version": "147.0.7727.138", "status": "affected", "lessThan": "147.0.7727.138", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Use after free in Chromoting in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: High)"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Use after free", "cweId": "CWE-416"}]}], "providerMetadata": {"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome", "dateUpdated": "2026-04-28T22:36:05.500Z"}, "references": [{"url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_28.html"}, {"url": "https://issues.chromium.org/issues/501722605"}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Use after free in Chromoting in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: High)"}], "id": "CVE-2026-7347", "lastModified": "2026-04-28T23:16:22.280", "metrics": {}, "published": "2026-04-28T23:16:22.280", "references": [{"source": "chrome-cve-admin@google.com", "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_28.html"}, {"source": "chrome-cve-admin@google.com", "url": "https://issues.chromium.org/issues/501722605"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "chrome-cve-admin@google.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[147.0.7727.138,147.0.7727.138)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Chrome", "source": "cna", "vendor": "Google"}, "product": "chrome", "vendor": "google"}], "analysis": {"en": {"generated_at": "2026-04-29T02:45:08.457992+00:00", "value": {"mitigation_remediation": ["Update Google Chrome to version 147.0.7727.138 or later, which contains the fix for the use\u2011after\u2011free in Chromoting.", "Disable or restrict the Chromoting feature if it is not required for work or testing, thereby removing the attack surface exposed by the flaw.", "Apply network segmentation or firewall rules that limit incoming traffic to the ports used by Chromoting to reduce the chance that malicious traffic reaches the vulnerable component."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "Google Chrome versions older than 147.0.7727.138 are affected; any platform running these versions with the Chromoting feature enabled is potentially vulnerable.", "description_and_impact": "The vulnerability is a use\u2011after\u2011free in the Chromoting component of Google Chrome. When the browser processes malicious network traffic, it may access memory that has already been freed, which can allow an attacker to execute arbitrary code. The CVE indicates a high severity but does not specify the privilege level of the code execution.", "risk_and_exploitability": "The flaw carries a high severity rating. EPSS information is not currently available, and it is not listed in the CISA KEV catalog. Nevertheless, because arbitrary code execution can be achieved via network traffic, the potential for exploitation remains significant. The issue is classified as CWE\u2011416 and warrants prompt remediation."}}}}, "created": "2026-04-29T00:30:15.865815+00:00", "title": "Chromoting Use-After\u2011Free Enables Remote Code Execution via Malicious Network Traffic", "updated": "2026-04-29T02:45:35.946050+00:00", "vendors": ["google", "google$PRODUCT$chrome"]}